According to sources, Los Angeles County Department of Health Services (a Medical organization in California) was hit with a cyber attack. It was first reported on 2024-04-25.

If You're in California, You're at Increased Risk

Specialized Cybersecurity for Critical Infrastructure

Manage your organization’s attack surface with SecuLore’s passive cyber threat detection.

  • Asset Discovery
  • Vulnerability Assessments
  • Risk Prioritization
  • 24/7 Active Threat Detection

  • Continuous Monitoring

Source 1  |  2024-04-25

LA County Health Services: Patients' data exposed in phishing attack

“​The Los Angeles County Department of Health Services disclosed a data breach after thousands of patients' personal and health information was exposed in a data breach resulting from a recent phishing attack impacting over two dozen employees. “

“This integrated health system operates the public hospitals and clinics in L.A. County (the most populous county in the United States) and is the second largest public health care system in the country after NYC Health + Hospitals. “

“As revealed in data breach notifications sent to potentially affected individuals, 23 employees had their mailboxes compromised after their credentials were stolen in a February attack. “

“Documents and e-mails in the compromised mailboxes included a combination of patients' personal and health information, including: first and last name, date of birth, home address, phone number(s), e-mail address, medical record number, client identification number, dates of service medical information (e.g., diagnosis/condition, treatment, test results, medications), and/or health plan information. Affected individuals may have been impacted differently, and the data stored in the breached e-mail inboxes did not include Social Security Numbers (SSNs) or financial information.“

Source 2  |  2024-06-17

200,000 Impacted by Data Breach at Los Angeles County Public Health Agency

“The incident, DPH announced on Friday, occurred between February 19 and February 20, 2024, after an employee fell victim to a phishing attack that led to the compromise of 53 Public Health employees’ login credentials. “

“Using the compromised credentials, the attackers gained access to personal information such as names, birth dates, Social Security numbers, diagnosis, prescriptions, health insurance information, patient IDs, medical record numbers, Medicare/Med-Cal numbers, and other financial information. “

“The phishing attack impacted other Los Angeles County health agencies as well. In April, the county’s Department of Health Service announced that the personal information of over 6,000 people was compromised after the attackers accessed the email accounts of 23 DHS employees. “

Cyber-Protecting Our Nation’s Critical Infrastructure

At SecuLore, our mission is to cyber-protect our nation’s critical infrastructure. Led by experts in 9-1-1 technology, cyberwarfare, and ethical hacking, our team provides the technology, expertise, and training needed to defend customers from increasingly sophisticated cyber threats.