Although phishing attacks on healthcare organizations are well-known and common, the last attack reported by the University of Connecticat and its affiliated hospital caused a class-action lawsuit; in fact the attack has potentially breached the data of about 320,000 patients.
The patients argued that UConn Health’s breach only occurred due to their failure to “implement adequate and reasonable cybersecurity procedures and protocols.”
A hacker accessed a number of employee email accounts, which potentially compromised patient names, dates of birth, addresses, and limited medical information. For 1,500 patients, Social Security numbers were compromised.
Watch the full article here