Georgia Spine and Orthopaedics of Atlanta
November 28, 2018
•[ social, phishing, healthcare ]
Georgia Spine and Orthopaedics of Atlanta notifies 7,012 patients after a phishing attack occurred on July 2018.
East Tennessee State University
November 19, 2018
•[ social, phishing, education ]
Two employees at East Tennessee State University fall for an email phishing scam and pave the way for a breach at the school.
New York Oncology Hematology
November 16, 2018
•[ social, phishing, healthcare ]
New York Oncology Hematology notifies nearly 130,000 patients and employees that it was the victim of a phishing attack occurred between April 20 and April 27.
UK Engineering Company
November 13, 2018
•[ espionage, phishing, manufacturing ]
Researchers from Recorded Future reveal the details of a spear phishing campaign carried out by the Chinese TEMP.Periscope group against a UK based engineering company, leveraging Russian APT Techniques.
Health First, Inc.
November 12, 2018
•[ social, phishing, healthcare ]
Health First, Inc. notifies 42,000 patients after a phishing incident.
Southwest Washington Regional Surgery Center
November 8, 2018
•[ leak, phishing, healthcare ]
Southwest Washington Regional Surgery Center notifies 2,393 patients after phishing attack exposed their PHI.
WPSandbox
November 4, 2018
•[ leak, phishing, technology ]
In November 2018, the WordPress sandboxing service that allows people to create temporary websites WP Sandbox discovered their service was being used to host a phishing site attempting to collect Microsoft OneDrive accounts. After identifying the malicious site, WP Sandbox took it offline, contacted the 858 people who provided information to it then self-submitted their addresses to HIBP. The phishing page requested both email addresses and passwords.
Five Guys
November 2, 2018
•[ social, phishing, retail ]
Five Guys notifies employees of data breach after an employee falls victim for a phishing attack.
Episcopal Health Services
November 1, 2018
•[ hack, phishing, healthcare ]
Episcopal Health Services notifies patients after employee email accounts are hacked.
Catawba Valley Medical Center
October 19, 2018
•[ social, phishing, healthcare ]
Catawba Valley Medical Center notifies patients of a phishing email incident occurred on August 13, 2018.
Henderson School District
October 12, 2018
•[ financial, phishing, education ]
The Henderson school district in Texas is hit with a business email compromise (BEC) attack resulting in a $600,000 loss for the district. The attack took place on September, 26th.
Minnesota Department of Human Services
October 9, 2018
•[ social, phishing, government ]
The Minnesota Department of Human Services falls victim to a phishing email scam. The attackers accessed the information of approximately 21,000 individuals in two incidents back in June and July.
City of Regina
October 2, 2018
•[ hack, phishing, government ]
A city of Regina email is hacked, and used as a phishing tool to try and get passwords and emails from other city of Regina staff as well as external groups.
Toyota (North America)
September 28, 2018
•[ social, phishing, manufacturing ]
Toyota Industries North America notifies individuals of a phishing incident, potentially impacting approximately 19,000 current/former employees and health plan participants.
NS Bank
August 30, 2018
•[ financial, finance, phishing ]
Researchers from NetScout Arbor reveal the details of a new campaign carried out by the Cobalt Group via spear phishing. One of the targets is NS Bank.
University of Missouri
August 29, 2018
•[ social, phishing, education ]
The University of Missouri suspends email delivery after a Missouri State Democratic Party email seeking interns helps jumpstart a phishing attempt.
University of Oregon
August 29, 2018
•[ social, phishing, education ]
University of Oregon is target of a phishing campaign.
Legacy Health
August 20, 2018
•[ phishing, healthcare ]
Legacy Health notifies 38,000 patients that a phishing attack may have breached their data. Officials discovered unauthorized access to some employee email accounts on June 21. However, the access began several weeks before in May 2018.
Dallas County Community College
August 17, 2018
•[ social, phishing, education ]
Dallas County Community College discloses a breach after some employees' emails credentials are compromised by a phishing attack from September 14, 2017 to December 18, 2017.
Augusta University Health
August 16, 2018
•[ social, phishing, healthcare ]
Augusta University Health discloses a breach affecting 417,000 patients as a consequence of two phishing attacks occurred on September 11, 2017 and July 31, 2018.
