Over 350,000 individuals affected by Phishing Attack in Oregon DHS

ODHS (Oregon Department of Human Services) fall prey to a phishing attack, thus possibly allowing unauthorized individuals to obtain or view Protected Health Information (PHI) of over 350,000 individuals.

Cyber Security team of ODHS ESO (Enterprise Security Office) learned on Jan. 28 of this year that unauthorized individuals gained access to the email accounts containing personal information of clients', according to the officials. The third-party forensics experts were called to determine number of individuals who are affected, types of data which might get accessed, and whether the clients' personal information was extracted.

The investigation found that nine ODHS employees became victim of this targeted phishing attack campaign. The officials determined that those spear-phishing emails have been sent to the DHS employees on Jan. 8, 2019, and the first email account was also compromised on the same date. All these nine ODHS employees, who became victim, clicked links in the phishing emails and revealed their login credentials, thus allowing the attackers to have access of their email accounts. The security team stops email accounts access of the hacker's, and DHS is now reviewing this incident to determine the individuals who have been affected.

The investigation revealed that compromised email accounts of employees have around 2 million emails, which contains the medical and personal data of their patients. Oregon Department of Human Services has confirmed that the emails in the compromised account contained information like clients' first as well as last names, birth dates, addresses, Social Security numbers, case numbers, and information that are used to administer the ODHS programs.

The investigation have not found any evidence that will suggest the attackers has copied or viewed any PHI, but the chance of data access/theft cannot be ruled out.

The number of individuals who are affected by this phishing attack was not been finalized yet. Once all the affected individuals will be identified, then all of those affected will receive a breach notification letter by email. The email will also provide information on steps which should be taken, in order to protect against fraud and identity theft.

Oregon Department of Human Services is offering complimentary identity theft recovery and credit monitoring services to all the individuals who are affected by this breach.

» SPAMfighter News - 4/12/2019