3,673 Clients got impacted by the Phishing Attack on Partners For Quality Inc
On April 19, 2019, Partners For Quality, Inc. (PFQ) has posted one notice on its website and notified the HHS that more than 3,600 clients were informed about an incident that was discovered by PFQ on February 19, 2019. PFQ, a services and support provider for the individuals with developmental and intellectual disabilities, found unusual activity in the employee email accounts of some employees on Feb. 19, 2019.
Assisted by an outside computer forensics company, Partners For Quality, Inc. determined that an unauthorized individual had accessed three employee email accounts in between Jan. 19, 2019, and Feb. 27, 2019. More analysis of those compromised employee email accounts revealed that they contain sensitive information of employees as well as clients.
The clients affected by this breach had earlier received services from the PFQ, Citizen Care Inc., Allegheny Children's Initiative Inc., Milestone Centers Inc., or Exceptional Adventures.
Many types of highly sensitive PHI (Protected Health Information) as well as some employee information was stored in those compromised employee email accounts like names, Social Security numbers, driver's license numbers, billing information, claims information, dates of birth, medical record numbers, health insurance information, credit card numbers, debit card numbers, banking as well as financial account numbers, usernames along with passwords, PIN numbers, diagnosis information and treatment information.
Even though accessing the data was possible, as of Apr. 19, 2019, no reports were received by PFQ to suggest any employee or client information was misused. All the individuals, whose valid postal address was with PFQ, were notified about this breach by mail.
Partners For Quality, Inc. has already reviewed as well as updated their policies and procedures. Additionally, additional safeguards have been put in place by PFQ in order to improve security of the sensitive information that was stored in their systems.
The affected individuals were given more information about how to safeguard their identities, and also were instructed to monitor and observe their accounts for any signs of fraud and identity theft. Despite the type of information that has been exposed, somewhat surprisingly till now it does not look as if the affected individuals were offered identity theft protection and credit monitoring services. In case the affected individuals are getting any monitoring assistance or protection services, PFQ are not specifically mentioning that in its public disclosure.
As per breach summary on website of HHS' Office for Civil Rights, 3,673 clients got affected by this breach.
» SPAMfighter News - 5/21/2019
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!