In February, a successful phishing attack on the Los Angeles County Department of Health Services compromised the personal and health data of individuals receiving healthcare in the region. This healthcare system is the second largest in the United States. The attack occurred when malicious phishing emails were sent between February 19 and 20, allowing hackers to access the email accounts of 23 employees.
The compromised email accounts contained a variety of sensitive information including patients’ names, birthdates, home and email addresses, phone numbers, medical record numbers, client identification numbers, and medical details. Fortunately, no Social Security numbers or financial data were impacted by the breach. The LA County Health Services department responded to the attack by resetting all affected employee email accounts and implementing stricter security measures for detecting suspicious emails.
While there has been no evidence of the stolen data being misused, individuals affected by the breach are advised to monitor their medical records closely with their healthcare providers. It is important for these individuals to stay vigilant and report any suspicious activity related to their personal information. The department emphasized that it takes cybersecurity very seriously and is committed to protecting its clients’ privacy and security.
