In February, the Los Angeles County Department of Health Services became the target of a successful phishing attack. The incident resulted in the compromise of personal and health data for individuals receiving healthcare across Los Angeles. This breach affected the second largest U.S. public healthcare system, as reported by BleepingComputer.
The attack began with malicious phishing emails that were sent out between February 19 and 20, leading to the infiltration of the email accounts of 23 employees. The compromised accounts contained sensitive information including patients’ names, birthdates, addresses, phone numbers, medical record numbers, client identification numbers, medical details, and health plan information. However, no Social Security numbers or financial data were accessed during the breach.
In response to the incident, all impacted employee email accounts were reset and additional measures were taken to screen for suspicious emails. While there has been no evidence of the compromised data being misused, individuals affected by the breach have been advised to promptly check their medical records with their healthcare providers.
It is crucial for individuals affected by this data breach to stay vigilant and take proactive steps to protect their personal information. By regularly monitoring their health records and being cautious of any unexpected communications, they can help safeguard their sensitive data from further unauthorized access or exploitation.