On January 3, 2020, Minnesota-based Alomere Health hospital notified its patients that their data may have been exposed in a security incident. The exposed patients’ data includes their names, addresses, dates of birth, medical record numbers, health insurance information, and treatment information. For a few patients, Social Security numbers (SSNs) and driver's license numbers might have also been compromised.
The attack was first detected on November 6, 2019. With the help of a third-party cybersecurity forensics expert, the hospital identified that an attacker had gained access to an employee’s email account between October 31, 2019 and November 1, 2019. On November 6, 2019, another employee’s email account was compromised. There was no evidence to suggest that the unauthorized user viewed the attachments or extracted the information of 49,351 patients available in the emails. However, to be cautious, they reviewed the contents of the compromised email accounts and prepared to notify the affected patients about the attack. Alomere Health is also providing credit monitoring services to the patients whose SSNs and driver's license numbers were affected.
Attackers usually resort to familiar, effective techniques, like phishing scams, to gain access to email accounts. A smart tool like Exchange Reporter Plus enables organizations to stay ahead of attackers by monitoring for and thwarting email-bound cybersecurity threats. Download a free, 60-day trial of Exchange Reporter Plus today.
Exchange Reporter Plus provides a host of reports that can help you locate suspicious emails, both sent and received, based on keywords in their subject or body. Often times, these malicious emails appear to be valid, tricking users into opening the emails and clicking on links embedded in them, which can cause serious damage.
With Exchange Reporter Plus, you can locate emails based on:
In addition, ManageEngine M365 Manager Plus provides an advanced Microsoft 365 mailbox content search capability that identifies phishing emails by analyzing internet message headers, subjects, attachments, and bodies of emails. With this feature, you can identify senders' email addresses, the platform used by the attackers, and the servers the emails passed through.
Start your free, 30-day trial of M365 Manager Plus today to try out all these features.
© 2022 Zoho Corporation Pvt. Ltd. All rights reserved.
You will receive weekly cybersecurity news soon!