Children served by Florida DOH child protective services may have had psychological and medical info accessed in hack

From the Pensacola News Journal:

The Florida Department of Health has reported a data breach that may have comprised the personal information of some patients in Escambia, Santa Rosa, Okaloosa and Walton counties.

The department completed an investigation and found that an unauthorized user compromised the Microsoft Outlook 365 account of an employee of the Children’s Medical Services between Oct. 8 and Oct. 16, according to a news release.

It is possible that individuals served by the District 1 Child Protection Team may have had their names, psychological and medical conditions accessed as a result of this incident.

Read more on PNJ.  DataBreaches.net reached out to the Florida DOH yesterday with some questions as to how the breach occurred and how many have been affected, but received no response from the agency.

Updated November 13:  A spokesperson for the DOH responded to the inquiry with this statement:

The Department cannot specify how many emails or accounts were accessed. We know that the hacker had an opportunity to access one employee’s email account during the time frame of October 8, 2018 – October 16, 2018. The incident appears to be phishing and the IP address of the attacker is from Nigeria.

About the author: Dissent