Security breach of Broome County possibly compromises personal information
According to Broome County, an unauthorized individual might have access to personal information of the county employees along with individuals receiving the county's care. The personal information may include their medical records, Social Security numbers, as well as bank account information.
In the news release that was sent on Broome County's behalf by Wayne, Pennsylvania-based Mullen Coughlin LLC, the county said that someone has accessed email account of a county employee in between November 20, 2018, and January 2, 2019, and then accessed numerous other accounts having sensitive information, via credential harvesting.
The investigation started when the county learned about changes in direct deposit information of an employee on January 2, 2019. The county said that a computer forensics expert has conducted the investigation; and once the email accounts were reviewed, a list has been compiled on Apr. 1, 2019, of those individuals who might were impacted by this incident.
The personal data of employees and clients associated with following departments or divisions can be at risk: Greater Binghamton Airport, Willow Point Nursing Home and Rehabilitation & Nursing Center, Broome County Department of Social Service, Office for Aging - Broome County, District Attorney's Office - Broome County, Broome County Office of Education and Training, Department of Health - Broome County, Broome County Office of Emergency Services, Broome County Department of Planning and Economic Development, Public Transportation Department - Broome County, Department of Probation - Broome County, Veterans Services Agency - Broome County and Highway Division - Broome County.
The county says that the unauthorized individual could have access to the names, Social Security numbers, dates of birth, bank accounts information or financial information, contact information, medical record numbers, clinical or medical information, patient identification numbers, health insurance information along with claims information, and in one of the cases, credit card information.
"With the exception of direct deposit information for certain county employees, the county cannot confirm whether any specific information within the affected email accounts was actually accessed, viewed or acquired without permission," said the firm on behalf of the county. "They are providing this notification out of an abundance of caution to anyone whose information was accessible within the email accounts".
The county's website has already posted a notification, and the letters will be sent (mailed) to those possibly affected individuals whose mailing address information has been confirmed by the county.
» SPAMfighter News - 6/19/2019
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!