As we all know by now, cyber threats are everywhere. Cyber criminals will stop at nothing to harvest your bank details, credentials, and other personal information for later malicious use. A recent phishing attack has devastated healthcare provider Elara Caring, demonstrating this perfectly.
The company is one of the largest providers of home-based healthcare services in the United States, and the phishing attack is said to have affected over 100,000 of their patients.
A phishing email was sent to employees which included a link, and once clicked, this enabled a hacker to gain access to several employee accounts.
An investigation ensued after staff became suspicious of unauthorized access to their systems, which confirmed that multiple employee email accounts had been accessed by an unauthorized individual. However, no evidence was found to suggest any patient information in those accounts was viewed or obtained by the attackers. Nonetheless it was not possible to rule out a data breach.
However, a later review of the compromised email accounts revealed they contained the sensitive information of 100,487 patients, including names, addresses, Social Security numbers, driver’s license numbers, Employer ID numbers, financial/bank account information, dates of birth, email addresses and passwords, insurance information and account numbers, and passport numbers.
As perfectly exhibited here, it is very easy for one seemingly innocent email to lead to a heavily damaged reputation, potential ransomware payments, and many more concerning issues.
These cyber criminals will target everybody, are you confident that everyone in your organisation can spot the warning signs of a phishing email? Find out in our Free Click-Prone® Test today.