Source 1 | 2022-10-10
“Cytometry Specialists, known as CSI Laboratories, disclosed a phishing attack that impacted 244,850 individuals. On July 8, CSI discovered that an employee email account had been compromised. After discovering the incident, CSI said it took steps to isolate the email account and investigate the attack.“
““We believe the access to a single employee mailbox occurred not to access patient information, but rather as part of an effort to commit financial fraud on other entities by redirecting CSI customer health care provider payments to an account posing as CSI using a fictitious email address,” CSI stated in a notice to patients.“
“The invoices were not directly billed to patients. Thus, we believe that the malicious actor was seeking to divert invoice payments.” On July 15, CSI determined that the unauthorized party managed to acquire certain files, including those containing patient information. The files were all related to invoices sent to CSI healthcare provider customers.“
Source 2 | 2022-10-11
“Tessie Cleveland Community Services Corp., a mental health clinic based in California, disclosed a breach to 9,747 individuals. An unknown individual accessed information contained in some employee email accounts between June 17 and June 30. Tessie discovered the breach on June 30.“
““Based on our investigation, this incident was likely an attempt to commit business fraud against Tessie. We don’t believe the intent was to take a particular person’s information,” the organization stated.“
““However, in an abundance of caution, we reviewed the contents of the email accounts and identified client information, including names, demographic information, health insurance identification numbers, limited information regarding care at Tessie, and in some instances, Social Security numbers.”“
Source 3 | 2022-10-11
“Vancouver, Washington-based Columbia River Mental Health Services (CRMHS) suffered a nearly year-long breach from May 2021 to April 2022, the organization said.“
“CRMHS “determined that there was unauthorized access” to certain email accounts, but said it could not confirm whether information relating to specific individuals was actually accessed.“
“The information in the email accounts included names, addresses, Social Security numbers, medical information, usernames and passwords, dates of birth, driver’s license numbers, and financial account information. CRMHS is mailing notification letters to impacted individuals.“
Cybersecurity for Critical Infrastructure
SecuLore provides Managed Detection and Response (MDR) to protect our nation’s critical infrastructure from cyber threats. Our expertise is built on deep knowledge of 9-1-1 technology, cyberwarfare, and ethical hacking, ensuring the highest level of cybersecurity for public safety agencies.
