The private info of greater than 200,000 folks in Los Angeles County was doubtlessly uncovered after a hacker used a phishing e-mail to steal the login credentials of 53 public well being staff, the county introduced Friday.
Particulars that have been probably accessed within the February information breach embody the primary and final names, dates of delivery, diagnoses, prescription info, medical document numbers, medical health insurance info, Social Safety numbers and different monetary info of Division of Public Well being purchasers, staff and different people.
“Affected people could have been impacted otherwise and never the entire parts listed have been current for every particular person,” the company stated in a information launch.
The Division of Public Well being will mail notices to these affected by the breach. Anybody who desires to seek out out if their info was uncovered may also name (866) 898-4312 from 6 a.m. to five p.m. Monday by way of Friday.
The information breach occurred between Feb. 19 and 20 when staff acquired a phishing e-mail, which tries to trick recipients into offering vital info reminiscent of passwords and login credentials. The workers clicked on a hyperlink within the physique of the e-mail, pondering they have been accessing a reputable message, in accordance with the company. Extra particulars concerning the phishing e-mail weren’t instantly accessible.
It isn’t clear when officers grew to become conscious of the incursion. A division spokesperson didn’t instantly present solutions to emailed questions on Friday.
In response, officers stated they’ve disabled the impacted e-mail accounts, reset units, blocked web sites that have been recognized as being a part of the phishing marketing campaign and quarantined all suspicious incoming emails.
How do you shield your self?
The county is providing free identification monitoring by way of Kroll, a monetary and threat advisory agency, to these affected by the breach.
People whose medical data have been doubtlessly accessed by the hacker ought to overview them with their physician to make sure the content material is correct and hasn’t been modified. Officers say folks also needs to overview the Clarification of Advantages assertion they obtain from their insurance coverage firm to verify they acknowledge all of the providers which were billed.
People may also request credit score reviews and overview them for any inaccuracies.
Consultants say the best approach to block potential use of your Social Safety quantity is to place a freeze in your credit score information, which is able to forestall anybody from opening a brand new account together with your info. It’s free to position one and you may elevate it when you must. Nonetheless, you need to contact every of the three main credit score bureaus individually, which could be performed on-line.
Occasions deputy editor Jon Healey contributed to this report.