LA County Department of Mental Health Compromised by Phishing Attack

On April 21, the Los Angeles County Department of Mental Health disclosed that it had suffered a data breach in a phishing incident. Unauthorized access occurred between October 19 to October 21, 2021.

On April 20, LACDMH uploaded a template of its notification letter to the California Attorney General’s Office. That template indicated that the type of information that may have been affected included “name, address, date of birth, driver’s license, Social Security number, medical and/or health information, health insurance information, SSID student identifier, and/or financial account number.”

The number of people being notified was not included in the notification, and the incident is not yet up on HHS’s public breach tool. The press release posted on the county’s website is embedded below.

1123279_DataBreachPressRelease042122FINAL

ModMed revealed they were victims of a cyberattack in July. Then some data showed up for sale.
Data breach in 42 Latvian municipalities: DVI imposes 300,000 euro fine on ZZ Dats
Kaufman County's data breach was their second one in three weeks
Protected health information of 462,000 members of Blue Cross Blue Shield of Montana involved in Conduent data breach
TX: Kaufman County Faces Cybersecurity Attack: Courthouse Computer Operations Disrupted
Attorney General James Announces Settlement with Wojeski & Company Accounting Firm

Related: