According to sources, Aveanna Healthcare (a Medical organization in Massachusetts) was hit with a cyber attack. It was first reported on 2022-11-03.

If You're in Massachusetts, You're at Increased Risk

Cybersecurity for Medical

Manage your organization’s attack surface with SecuLore’s 24/7 network monitoring services.

  • 24/7 Threat Monitoring

  • Automated & AI Threat Detection

  • Proactive Threat Hunting

  • Incident Response & Remediation

  • Forensics & Root Cause Analysis

Source 1  |  2022-11-03

Aveanna Healthcare To Pay $425,000 Following Phishing Attacks in 2019 That Impacted Thousands of Massachusetts Residents

“ A Georgia-based home health and hospice care company will pay $425,000 after it failed to implement proper security measures to protect the personal information of patients and employees, Attorney General Maura Healey announced today. The complaint and consent judgment against Aveanna Healthcare, LLC, entered today in Suffolk Superior Court, follows a series of phishing attacks that impacted more than 4,000 Massachusetts residents. Aveanna is a national provider of pediatric and adult home health care, operating in 33 states with Massachusetts offices located in Brockton, Plymouth, Shrewsbury, Springfield, Waltham, West Springfield, and Worcester. The AG’s Office alleges that in July 2019, Aveanna employees began receiving fraudulent “phishing” emails designed to cause the recipient to provide credentials, money, or sensitive information.“

““Companies have an obligation to put the right security measures and systems in place to prevent hackers from accessing sensitive information,” said AG Healey. “As a result of this resolution, Aveanna will ensure compliance with our strong data security laws and the take steps necessary to protect its employees and the private data of Massachusetts residents moving forward.” The private information, which may have included social security numbers, driver’s license numbers, financial account numbers, and health information such as diagnoses, medications, and treatment records, of more than 4,000 Massachusetts residents, including patients and employees, was potentially accessed by the hackers.“

“In one instance, a phishing email was sent to employees that appeared to come from Aveanna’s president. The attacks continued into August 2019, by which point more than 600 phishing emails were sent to employees. Employees’ responses to these emails resulted in hackers obtaining access to portions of Aveanna’s computer network. The hackers also tried to defraud employees by logging into Aveanna’s human resources system and altering individual employees’ direct deposit information. In response to the incident, Aveanna provided affected Massachusetts residents with two years of free credit monitoring.“

Guarding Against Hacking

  • June 10, 2020

    Best Cyber Practices and Policies for Your Agency

  • April 15, 2020

    COVID-19, Elections, Taxes: How Hot Topics Impact Public Safety Cybersecurity

  • January 8, 2020

    Reviewing the Worst Cyber Attacks of 2019

  • October 16, 2019

    Fixing the Top 5 Public Safety Vulnerabilities

Guarding Against Phishing

  • December 13, 2017

    New Insights: The 2016 Thanksgiving Cyber Attack

  • July 26, 2017

    How Hackers Infiltrate Our Public Safety Infrastructure

Cybersecurity for Critical Infrastructure

SecuLore provides Managed Detection and Response (MDR) to protect our nation’s critical infrastructure from cyber threats. Our expertise is built on deep knowledge of 9-1-1 technology, cyberwarfare, and ethical hacking, ensuring the highest level of cybersecurity for public safety agencies.

  • 24/7 Vulnerability & Threat Monitoring

  • Automated & AI Threat Detection

  • Specialized Threat Intelligence

  • Proactive Threat Hunting

  • Incident Response & Remediation

  • Forensics & Root Cause Analysis