The Los Angeles County Division of Well being Companies introduced Friday phishing assault in February allowed a hacker to acquire an worker's login credentials, which can have compromised the private data of about 47,000 folks.
The phishing e mail assault befell on February 6. After discovering the breach, the well being providers division stated it disabled the affected e mail account, reset and re-imaged the consumer's gadgets, and blocked web sites that have been recognized as a part of the phishing. marketing campaign and quarantined all suspicious incoming emails.
Moreover, notifications have been distributed to all members of the workforce to remind them to be vigilant when reviewing emails, particularly those who embody hyperlinks or attachments. Police have been notified and investigated the incident, in response to DHS.
Info recognized within the probably compromised e mail account might have included full title, date of start, dwelling handle, phone quantity, e mail handle, Social Safety quantity, government-issued identification, medical file quantity, data medical insurance and/or medical data. data.
The well being providers division is notifying affected people by mail. For folks whose mailing handle shouldn’t be out there, the division can also be posting a discover on its web site to supply data and sources. DHS stated it is usually notifying the U.S. Division of Well being and Human Companies Workplace for Civil Rights and different companies as required by regulation and/or contract.
DHS stated it has carried out quite a few enhancements to cut back publicity to related e mail assaults sooner or later.
Whereas the division can’t verify whether or not the knowledge was improperly accessed or used, people are inspired to evaluate the content material and accuracy of the knowledge of their medical file with their medical supplier.
To assist alleviate considerations following the incident, the division stated it has retained the providers of an id monitoring service to help these affected with credit score monitoring, fraud inquiries and id theft restoration.
Final week, the Los Angeles County Division of Public Well being introduced phishing assault additionally in February allowed a hacker to acquire the login credentials of 53 staff, compromising the private data of greater than 200,000 folks.