In the interconnected world of healthcare, where data is both invaluable and vulnerable, the rise of social engineering attacks poses a significant threat. Beyond sophisticated software and firewalls, cybercriminals often exploit the human element to gain unauthorized access to sensitive information. This blog explores the nuances of social engineering in healthcare, sheds light on common...
Healthcare businesses are increasingly reliant on technology to manage patient information, conduct financial transactions, and communicate with staff and patients. While technology has many benefits, it also presents significant risks, including the threat of cyberattacks. One of the most common types of cyberattacks is phishing when an attacker impersonates a trusted individual or entity and...
What is Phishing? Phishing is the practice of tricking users by imitating reputable companies in order to reveal personal or confidential information which can then be used in a more illicit manner. This is done via a deceptive email or website, and often in a combination of both. Spear phishing takes the manipulation one step...
Metrocare Services, a mental health service provider in North Texas, has notified the Department of Health & Human Services (HHS) of a data breach affecting 5,290 patients. The Breach Discovery The breach was the result of a phishing attack and was discovered on February 6, 2019, when Metrocare found that an unauthorized third-party accessed some...
Is the healthcare sector uniquely vulnerable to phishing attacks? A recent report published in the Journal of the American Medical Association says yes, with research to back that claim. A team of researchers led by William Gordon, MD of Harvard Medical School and Boston’s Brigham and Women’s Hospital set out to answer the question, “Are...
Pawnee County Memorial Hospital (PCMH) in Pawnee City, Nebraska has notified 7,038 patients that a hacker may have accessed some of their protected health information. The incident was discovered on November 29, 2018, when PCMH learned that their business e-mail system was compromised by a malware virus. A forensic computer investigator was hired immediately following...
Educating employees on security awareness and the dangers posed by cybercriminals is critical to any organization. While you can train employees on what to look for and how to best protect your practice, cybercriminals will continue to find unique and more sophisticated ways to trick individuals and gain access to the sensitive data they’re trying...
On October 5, California-based Gold Coast Health Plan (GCHP) informed the Office for Civil Rights (OCR) that a phishing attack may have exposed the protected health information of 37,005 plan members. The attack occurred when hackers successfully tricked a GCHP employee with a phishing email, which allowed the hackers access to that employee’s email account...
Phishing is a cybercrime that has been around for many years, where targets are sent malicious emails claiming to be from a legitimate individual or organization to trick them into disclosing their sensitive information. Phishing emails remain a major threat today, however despite increased awareness of the cybercrime, cybercriminals continue to fool their targets into...
There is a good chance you’ve never heard of the major marketing and data aggregation company Exactis, but that doesn’t mean they don’t know you. In fact, Exactis may know a great deal of your personal information, including your email address, your home address, your habits and hobbies, your children’s ages and genders if you...
© 2023 · HIPAA Secure Now!
Recent Comments