Phishing

Ca: Nova Scotia Health Authority suffers data breach, nearly 3,000 patients possibly affected

Alexander Quon reports: The Nova Scotia Health Authority (NSHA) is in the process of notifying nearly 3,000 people about a potential privacy breach involving personal health information, the organization announced on Monday. The health authority says the breach was detected by its IT team on May 13, 2019, after an employee’s email account was...

Aetna first notifying 238 Virginia employees of BenefitMall breach that they’ve known about since December, 2018?

In January, 2019, we learned about a breach at Centerstone Insurance and Financial Services, Inc. d/b/a BenefitMall, a business associate.  The breach reportedly affected more than 111,000 insurance members/covered employees of the vendor’s clients. HIPAA Journal covered the incident. Yesterday, Aetna issued a public notice  related to the incident. Surprisingly, their notice discloses that...

Health Quest phishing incident in 2018 results in notification to patients, but why such a long delay?

Today’s Poughkeepsie Journal has a news story about a phishing incident that appears to have been discovered in July, 2018 that affected an unspecified number of Health Quest patients. From the available information, it sounds like Health Quest first discovered email attachments in January, 2019, and then it took them until April 2, 2019...

Phisher folk reel in Computacenter security vetting mailbox packed with sensitive staff data

Paul Kunert reports: The third-party mailbox used by Computacenter employees and contractors to deposit data for security clearance applications has been hacked and used in phishing scams. The company, one of Europe’s largest resellers, counts some of the biggest names in financial services among its corporate client base, and sells to a raft of...