Healthcare Information Security

Phishing Attacks

‘Payment Notification’ Is Top Healthcare Phishing Attack Subject

October 11, 2018 - The term “Payment Notification” is the top healthcare phishing attack subject, appearing in 58 percent of healthcare phishing attack campaigns in 2018, according to the latest data from Cofense. Other popular subjects in healthcare phishing attacks are “New Message in Mailbox” and “Attached Invoice.” Cofense (formerly PhishMe) found that 7 percent...


More Articles

Hacker Steals 124 PHI-Laden Emails in Aspire Phishing Attack

by Fred Donovan

Aspire Health, a Nashville-based in-home healthcare provider, suffered a phishing attack on Sept. 3 in which a hacker gained access to its internal email system earlier this month, according to court documents cited by...

HHS Still Leads in DMARC Implementation To Stop Phishing Attacks

by Fred Donovan

With the Oct. 16 deadline looming, HHS continues to lead in securing the most domains of any federal agency as part of the DMARC protocol implementation, which is designed to prevent phishing attacks from succeeding. As of Sept. 14, HHS...

Healthcare Lags Other Industries in Phishing Attack Resiliency Rate

by Fred Donovan

Healthcare trails other major industries in its phishing attack resiliency rate, which measures the ratio between people who report a phish versus those who fall victim to one, according to a report released Sept. 17 by Cofense. The...

Reliable Respiratory Says Phishing Attack Affected 21K Individuals

by Fred Donovan

Massachusetts-based medical equipment supplier Reliable Respiratory reported to OCR on Sept. 1 that a phishing attack exposed PHI on 21,311 individuals. In a notice on its website, Reliable Respiratory said that on July 3 it discovered a...

Phishing Attacks That Impersonate Trusted Individuals on the Rise

by Fred Donovan

There was an 80 percent increase in phishing attacks that impersonated someone familiar to the targeted individual, according a study released August 28 by email security firm Mimecast. Mimecast found that there was one unstopped...

417K Patients Exposed In Latest Phishing Attack at AU Health

by Fred Donovan

Close to half a million people may have had their PHI and other personal information exposed in a September 2017 phishing attack that impacted the Augusta University (AU) Health system. Another phishing attack on July 11, 2018, may have...

InterAct of Michigan Phishing Attack Exposes PHI on 1,290 People

by Fred Donovan

InterAct of Michigan reported to OCR on August 7 that an email hacking incident may have exposed PHI on 1,290 individuals. In a statement on its website, InterAct explained that it became aware on June 8 that an unauthorized third party...

Phishing Attack Exposes PHI of 1.4M UnityPoint Health Patients

by Fred Donovan

Iowa-based UnityPoint Health said July 30 that it notified approximately 1.4 million patients of a recent email phishing attack incident that may have compromised their PHI. Patient information that might have...

HHS Leads Federal Agencies in Email Security Implementation

by Fred Donovan

HHS has secured the most domains of any federal agency as part of the DMARC email security protocol implementation mandated by the Department of Homeland Security (DHS), according to a study by email security firm Agari. The Domain-based...

PHI of 18,000 UMCP Patients at Risk in Healthcare Data Breach

by Fred Donovan

UMC Physicians (UMCP), a physician practice managment group set up by Texas-based UMC Health System, announced July 11 that it had notified more than 18,000 patients about a healthcare data breach in which their PHI may have...

Children’s Mercy Hospital Phishing Attack Impacts PHI of 60K

by Fred Donovan

A phishing attack targeting employees at Missouri-based Children’s Mercy Hospital may have compromised PHI on more than 60,000 individuals, the Kansas City Star reported July 3. The information possibly accessed by hackers included...

Healthcare Internet Crimes Cost Victims $925,849 Last Year

by Fred Donovan

Healthcare internet crimes cost victims $925,849 last year, according to the FBI Internet Crime Complaint Center’s (IC3) 2017 Internet Crime Report.  The report includes stats on internet crime complaints received by the...

RISE Ransomware Attack Puts 3,731 Patients at Risk

by Fred Donovan

RISE Wisconsin reported June 7 to OCR that it suffered a ransomware attack in which PHI on 3,731 individuals may have been exposed. In a press release, RISE said that patient names, addresses, dates of birth, Social Security numbers, and...

Healthcare Ransomware Attacks Soared in Q3 2017

by Fred Donovan

The number of healthcare ransomware attacks exploded in the third quarter of 2017, far outpacing all other types of cyberattacks against healthcare companies, but then dropped off sharply in the fourth quarter, according to the latest data...

Reported Kansas PHI Data Breach Could Involve Info of 11K

by Elizabeth Snell

An unauthorized email from a Kansas Department for Aging and Disability Services (KDADS) employee was sent to a group of business associates, which created a possible PHI data breach, according to a KDADS online statement. KDADS...

OCR Highlights 8 Tips for Avoiding Healthcare Phishing Attacks

by Elizabeth Snell

Healthcare phishing attacks are becoming more sophisticated, which is why organizations must remain vigilant in their detection measures, OCR explained in its recent cybersecurity newsletter. Hackers can take advantage of popular holidays...

Decatur County General EMR Security Incident Impacts 24K

by Elizabeth Snell

Tennessee-based Decatur County General Hospital experienced an EMR security incident when unauthorized software was installed on the server the EMR vendor supports on the organization’s behalf. Decatur County received a security...

78% of Healthcare Workers Lack Data Privacy, Security Preparedness

by Elizabeth Snell

Improved data privacy and security employee training programs will greatly benefit healthcare organizations as they work to keep pace against evolving cybersecurity threats, according to recent research. Seventy percent of employees in...

Prevent Healthcare Phishing with Employee Security Training

by Elizabeth Snell

Implementing a strong employee security training program is consistently noted as a key way for covered entities to prevent healthcare phishing attacks. Organizations of all sizes need to ensure that staff members can recognize malicious...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks