Phishing attack on Oregon human services department may have exposed 645,000 people

Nine employees within Oregon's Department of Human Services opened a phishing email on Jan. 8 that may have exposed around 645,000 people, according to the Statesman Journal.

Affected people were within the department's welfare and children services programs. Hackers may have gained access to people's personal health information, but it is unknown if the information was viewed or misused, the Statesman Journal reports.

Oregon officials announced June 18 they would be notifying individuals. Officials officially started mailing affected patients on June 19.

After the nine employees clicked on the phishing email, they reported having problems with their email accounts. By Jan. 28, officials shut down the nine employees' emails. Officials also contacted the Enterprise Security Office Cyber Security team that confirmed the data breach.

An initial review found up to 2 million emails were involved in the data breach. State officials alerted the public on March 21 of the data breach.

Individuals who were affected can receive up to 12 months of identity theft monitoring and recovery services from the state. Oregon also has a $1 million insurance reimbursement policy in place for the affected individuals, reports the Statesman Journal.  

More articles on cybersecurity:
Ohio urology practice told to pay $75K in cyberattack
The evolving role CISOs play in health system risk management: 3 Qs with John Muir's Thomas August
Georgia hospital alerts 10,970 patients of data breach

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.


Featured Content

Featured Webinars

Featured Whitepapers