Incident Details
Over 200,000 individuals in Los Angeles County face potential exposure of personal data after a phishing attack compromised the login credentials of 53 public health employees.
Incident
How Did the Breach Happen?
A hacker used a phishing email to steal the login credentials of 53 Public Health employees.
What Data has been Compromised?
First and last names, dates of birth, diagnoses, prescription info, SSNs, and other financial data of DPH clients, employees, and others.
Why Did the company's Security Measures Fail?
Employees fell victim to a phishing email, exposing login credentials and enabling the breach.
What Immediate Impact Did the Breach Have on the company?
Public Health disabled impacted accounts, reset devices, and notified law enforcement. They are offering identity monitoring services and establishing call centers for those affected.
How could this have been prevented?
Regular security awareness training to recognize phishing attempts and implementing multi-factor authentication could have prevented this breach.
What have we learned from this data breach?
The importance of robust employee cybersecurity training and proactive measures to safeguard sensitive information.
Summary of Coverage
A phishing attack on the Los Angeles County Public Health Agency resulted in the compromise of personal data of over 200,000 individuals, shedding light on the critical need for enhanced cybersecurity measures and staff training.