April 25, 2024 at 03:58PM
The Los Angeles County Department of Health Services revealed a data breach involving patients’ personal and health information exposed by a phishing attack on 23 employees’ email credentials. The breached data includes patients’ names, contact information, medical records, and health plan details, though not Social Security Numbers or financial data. The health system is taking steps to address the breach and advise affected individuals accordingly.
Key takeaways from the meeting notes:
– The Los Angeles County Department of Health Services experienced a data breach due to a phishing attack, compromising the personal and health information of patients.
– Data exposed included personal information such as names, addresses, phone numbers, and medical information like diagnosis, treatment, and test results, but did not include Social Security Numbers or financial information.
– Measures taken post-breach include disabling impacted e-mail accounts, resetting and re-imaging compromised employees’ devices, quarantining suspicious incoming e-mails, and raising awareness among employees about the importance of reviewing e-mails cautiously.
– Relevant authorities, including the U.S. Department of Health & Human Services’ Office for Civil Rights and the California Department of Public Health, will be notified about the breach.
– While there’s no evidence of misuse, affected patients are advised to verify the content and accuracy of their medical records with their healthcare providers.
– A response from an L.A. County Health Services spokesperson concerning the incident is pending.