Individuals receiving healthcare across Los Angeles had their personal and health data compromised following a successful phishing attack against Los Angeles County Department of Health Services, which is the second largest U.S. public healthcare system, in February, according to BleepingComputer.
Malicious phishing emails delivered between Feb. 19 and 20 have enabled attackers to infiltrate the email accounts of 23 employees, which contained patients' names, birthdates, home and email addresses phone numbers, medical record numbers, client identification number, medical details, and/or health plan information, said LA County Health Services. However, no Social Security numbers and financial data have been compromised as a result of the incident, which has already been remediated through a reset of all impacted employee email accounts and more extensive screening of suspicious emails.
There has been no indication of any misuse of the exposed data so far but impacted individuals have been urged to promptly verify their medical records with their health providers.