5 phishing emails that led to real-world data breaches

The unfortunate trend of phishing emails is not just confined to relatively harmless, time-wasting emails that a well-trained (in terms of information security) employee can spot and delete without much concern. Sometimes these phishing attempts can actually cause major data breaches that can cost organizations a lot of money and possibly even damage their reputation, all because an untrained or careless employee opens and them and downloads an attachment.

This article will detail five instances where phishing emails led to real-world data breaches.

What is phishing?

For the few of you out there that are still scratching your head when I mention “phishing,” we’re not referring to either the vacation pastime or what you say when you are playing hooky. Phishing is an email-based form of cyberattack where the attacker poses as someone the recipient knows or does business with, with the intent of getting the recipient to download an attachment or click on a link. Attackers play on the trust of the victim and trick them into action. This can lead to data disclosure or malware infection, resulting in disastrous data breaches.

1. New York Oncology Hematology attack

New York Oncology Hematology (NYOHA), a cancer care and blood disorder service provider based in Albany, New York, fell victim to a phishing email scheme in April 2018. This phishing scheme consisted of email directed at NYOHA employees and patients. The attackers used what was deemed a “sophisticated” phishing scheme where NYOHA employees and patients were prompted with a NYOHA login page that requested users enter their email sign-in credentials. The data they entered was then used to access these email accounts.

When the investigation was over, it was determined that at least one email account containing protected health information (PHI) was breached, exposing unauthorized PHI to the attackers. NYOHA responded (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Greg Belding. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/0qM4TABFrwM/