Los Angeles County Department of Public Health has confirmed that 200,000 individuals’ personal data was stolen in a phishing attack that compromised the credentials of 53 employees. The attackers used these hacked credentials to access and steal personal information, including names, birthdates, Social Security numbers, health insurance details, diagnoses, prescriptions, patient IDs and more.
The DPH has deactivated all affected email accounts and blocked the websites involved in the attack. While it is not yet confirmed whether the stolen information has been accessed or misused, individuals are encouraged to review their medical records with their healthcare providers. This breach is one of several recent phishing attacks targeting Los Angeles County, with previous attacks affecting thousands of individuals in the Department of Health Services and Department of Mental Health.
Organizations must enhance their cybersecurity measures to prevent future attacks and safeguard sensitive data from falling into the wrong hands. Los Angeles County is working to strengthen its defenses and improve its response to cyber threats to protect the personal information of its residents.
