According to sources, Aveanna Healthcare (a Medical organization in Massachusetts) was hit with a cyber attack. It was first reported on 2022-11-03.

If You're in Massachusetts, You're at Increased Risk

Cybersecurity for Medical

Manage your organization’s attack surface with SecuLore’s 24/7 network monitoring services.

  • 24/7 Threat Monitoring

  • Automated & AI Threat Detection

  • Proactive Threat Hunting

  • Incident Response & Remediation

  • Forensics & Root Cause Analysis

Source 1  |  2022-11-03

Aveanna Healthcare To Pay $425,000 Following Phishing Attacks in 2019 That Impacted Thousands of Massachusetts Residents

“ A Georgia-based home health and hospice care company will pay $425,000 after it failed to implement proper security measures to protect the personal information of patients and employees, Attorney General Maura Healey announced today. The complaint and consent judgment against Aveanna Healthcare, LLC, entered today in Suffolk Superior Court, follows a series of phishing attacks that impacted more than 4,000 Massachusetts residents. Aveanna is a national provider of pediatric and adult home health care, operating in 33 states with Massachusetts offices located in Brockton, Plymouth, Shrewsbury, Springfield, Waltham, West Springfield, and Worcester. The AG’s Office alleges that in July 2019, Aveanna employees began receiving fraudulent “phishing” emails designed to cause the recipient to provide credentials, money, or sensitive information.“

““Companies have an obligation to put the right security measures and systems in place to prevent hackers from accessing sensitive information,” said AG Healey. “As a result of this resolution, Aveanna will ensure compliance with our strong data security laws and the take steps necessary to protect its employees and the private data of Massachusetts residents moving forward.” The private information, which may have included social security numbers, driver’s license numbers, financial account numbers, and health information such as diagnoses, medications, and treatment records, of more than 4,000 Massachusetts residents, including patients and employees, was potentially accessed by the hackers.“

“In one instance, a phishing email was sent to employees that appeared to come from Aveanna’s president. The attacks continued into August 2019, by which point more than 600 phishing emails were sent to employees. Employees’ responses to these emails resulted in hackers obtaining access to portions of Aveanna’s computer network. The hackers also tried to defraud employees by logging into Aveanna’s human resources system and altering individual employees’ direct deposit information. In response to the incident, Aveanna provided affected Massachusetts residents with two years of free credit monitoring.“

Guarding Against Hacking

  • October 25, 2017

    Hackers Gone Wild: How Cybercriminals Impact 9-1-1 Systems

  • November 11, 2020

    4 Year Anniversary – Twitter TDoS Attack

  • October 14, 2020

    Incidents from the Trenches

  • July 8, 2020

    The Vicious Evolution of Cyber Attacks

Guarding Against Phishing

  • February 24, 2025

    Phishing Webinar: Inside the Hacker’s Toolbox

  • October 10, 2023

    Cybersecurity Awareness Month 2023: Key Takeaways

  • April 12, 2023

    Don’t Get Hooked: Avoiding the Phish

  • November 10, 2021

    Don’t Take the Bait: Phighting the Phish

Cybersecurity for Critical Infrastructure

SecuLore provides Managed Detection and Response (MDR) to protect our nation’s critical infrastructure from cyber threats. Our expertise is built on deep knowledge of 9-1-1 technology, cyberwarfare, and ethical hacking, ensuring the highest level of cybersecurity for public safety agencies.

  • 24/7 Vulnerability & Threat Monitoring

  • Automated & AI Threat Detection

  • Specialized Threat Intelligence

  • Proactive Threat Hunting

  • Incident Response & Remediation

  • Forensics & Root Cause Analysis