Phishing Attacks

NY AG Reaches $400K Settlement With Healthplex Over Data Breach

December 13, 2023 - New York Attorney General (NYAG) Letitia James reached a settlement with Healthplex, a large dental insurance provider, following a data breach that occurred in November 2021. Healthplex agreed to pay $400,000 to resolve the investigation. According to the company’s original breach notice, issued in April 2022, Healthplex discovered that one...


More Articles

HHS Settles First Phishing Attack Investigation With Louisiana Medical Group

by Jill McKeon

HHS reached its first-ever phishing attack settlement with Lafourche Medical Group, a Louisiana-based medical group that specializes in emergency medicine, lab testing, and occupational medicine....

HC3 Sheds Light On QR Code-Based Phishing as Threat to Healthcare Cybersecurity

by Jill McKeon

The Health Sector Cybersecurity Coordination Center’s (HC3) latest white paper examined the risks of “quishing,” or QR code-based phishing attacks. The growing popularity of quick...

FBI Warns Public About Phishing Attacks Against Plastic Surgery Offices, Patients

by Jill McKeon

The Federal Bureau of Investigation (FBI) issued a public service announcement to alert the public about cybercriminals who have been targeting plastic surgery offices, surgeons, and their patients...

Advanced Email Attacks Skyrocket in Healthcare

by Jill McKeon

Advanced email attacks remain a top threat to organizations around the world, including those in the healthcare sector, Abnormal Security observed in its latest blog post. Abnormal saw a 167 percent...

HC3 Advises Healthcare Sector to Prioritize Cyber Defense Against FIN11

by Sarai Rodriguez

Amidst a surge of cybersecurity threats, the Health Sector Cybersecurity Coordination Center (HC3) has spotlighted a new one, FIN11, a cybercriminal collective originating from the Commonwealth of...

Maryland Hospital Reveals 30K Individuals Impacted by Ransomware Attack

by Sarai Rodriguez

Atlantic General Hospital has notified 30,704 patients of a ransomware attack that potentially compromised protected health information (PHI), a notice provided to the Maine Attorney General’s...

MA Pharmacy Falls Victim to Email Phishing Attack, Results in PHI Exposure

by Sarai Rodriguez

After an email phishing attack, AllCare Plus Pharmacy reported to the Maine Attorney General that 5,971 patients potentially had their protected health information (PHI) exposed. AllCare became aware...

Business Email Compromise (BEC) Attacks Continue to Increase in Healthcare

by Jill McKeon

Behind the transportation and automotive industries, healthcare employees were the most likely to read and reply to malicious emails, falling victim to business email compromise (BEC) attacks, Abnormal...

Highmark Health Suffers Phishing Attack, 300K Individuals Impacted

by Jill McKeon

Highmark Health suffered a phishing attack that impacted 300,000 individuals, a notice provided to the Maine Attorney General’s Office stated. Highmark Health is the second largest integrated...

CISA: Federal Employees Targeted in Malicious Cyber Threat Campaign Using RMM Software

by Jill McKeon

UPDATE 1/27/2023 - This article has been updated to include a commment from ConnectWise. The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Multi-State...

CareFirst Administrators Impacted By Phishing Scam at RCM Vendor

by Jill McKeon

CareFirst Administrators (CFA) notified 14,538 individuals of a phishing scam that occurred at Conifer Revenue Cycle Solutions, a provider of revenue cycle management services to healthcare...

Conway Regional Medical Center Reaches $295K Settlement Over Healthcare Data Breach

by Jill McKeon

Conway Regional Medical Center in Arkansas agreed to pay $295,000 to settle a lawsuit stemming from a 2019 healthcare data breach. In June 2019, Conway fell victim to a phishing scheme resulting in the...

Aveanna Healthcare Reaches $425K Settlement After Healthcare Data Breach

by Sarai Rodriguez

Aveanna Healthcare reached a proprosed settlement to resolve a healthcare data breach lawsuit stemming from a 2019 string of phishing attacks that impacted hundreds of thousands of Massachusetts...

Michigan Medicine Notifies 33K Patients of Phishing Attack

by Jill McKeon

Michigan Medicine notified 33,850 patients of a phishing attack that may have exposed their health information. A cyber attacker targeted Michigan Medicine in August 2022 with a scam that lured...

Cancer Testing, Diagnostics Lab Suffers Phishing Attack, 244K Impacted

by Jill McKeon

Cytometry Specialists, known as CSI Laboratories, disclosed a phishing attack that impacted 244,850 individuals. On July 8, CSI discovered that an employee email account had been compromised. After...

HC3 Alerts Healthcare Sector of Monkeypox-Themed Phishing Scheme

by Sarai Rodriguez

The Health Sector Cybersecurity Coordination Center (HC3) warned the healthcare sector of a new monkeypox-themed phishing scheme targeting healthcare providers. Threat actors are using the latest...

HC3 Notes Uptick in Healthcare Vishing Attacks, Social Engineering

by Jill McKeon

In the past year, the Health Sector Cybersecurity Coordination Center (HC3) has observed an uptick in vishing attacks, or "voice phishing," a recent analyst note revealed. Vishing...

Threat Actors Use Evernote-Themed Phishing Scheme to Attack Healthcare Organizations

by Jill McKeon

The Health Sector Cybersecurity Coordination Center (HC3) warned the healthcare sector of a new phishing scheme that lures recipients to an Evernote site containing a downloadable Trojan file that...

Third-Party Mailing Error Exposes 37K SSNs at Sound Health and Wellness Trust

by Jill McKeon

A third-party mailing error originating at Zenith American Solutions resulted in the exposure of 37,146 Social Security numbers provided to Sound Health and Wellness Trust. Zenith American Solutions...