Back to Email phishing

Email phishing

Broome County data breach exposes personal and medical information of residents.

broome-county-security-breach

On May 31, 2019, Broome County, New York revealed that it suffered a data breach after attackers gained access to employee email accounts and HRMS systems via email phishing. The compromised information included names, dates of birth, Social Security numbers, credit card information, and contact details. Medical information including medical record numbers, patient identification numbers, diagnoses, treatment records, and health insurance claims were also exposed in the attack.

What happened.

On January 2, 2019, Broome County detected some unusual activity in one of its employee accounts and subsequently launched an investigation with the help of a cybersecurity forensics team. The investigations revealed that attackers accessed employees' email and PeopleSoft accounts between November 20, 2018 and January 2, 2019. The attackers gained access to the users' credentials via a phishing email sent to unsuspecting employees.

The extent of the attack

On April 1, 2019, the county reported that the impacted individuals belonged to the following departments:

  • Willow Point Nursing Home
  • Willow Point Rehabilitation & Nursing Center
  • Greater Binghamton Airport
  • Broome County Department of Social Security
  • Broome County District Attorney's Office
  • Broome County Office for Aging
  • Broome County Office of Education and Training
  • Broome County Office of Emergency Services
  • Broome County Department of Health
  • Broome County Department of Planning and Economic Development
  • Broome County Department of Probation
  • Broome County Department of Public Transportation
  • Broome County Highway Division
  • Broome County Veterans Services Agency

Broome County will be notifying all affected individuals regarding the breach. Apart from that, they have taken important security measures, including multi-factor authentication and training for employees to avoid such mishaps in the future.

Cyberattacks on government agencies are on the rise. Attackers use techniques like phishing, brute force, and credential stuffing to gain access to email accounts. Stay one step ahead of attackers by investing in a smart tool like Exchange Reporter Plus, which monitors and thwarts email-bound cybersecurity threats. Download a free, 30-day trial of Exchange Reporter Plus today.

How ManageEngine can help:

Exchange Reporter Plus provides a host of reports that can help you locate suspicious emails, both sent and received, based on keywords in their subject or body. Appearing to be valid, these malicious emails trick users into opening them and clicking on the links embedded in them, which can cause serious damage.

With Exchange Reporter Plus, you can locate emails based on:

  • Messages by subject keyword. Use reports to identify particular keywords in the email subject lines.
  • Messages by body keyword. Identify all the messages in your mailbox that have a particular keyword in the body of the email.
  • Attachment name. Get a report of all the emails in your mailbox that have an attachment with a specific name. If you know the names of the malicious files, you can take the necessary steps to stop email-bound threats.
  • Attachment type. You can spot malicious software based on an attachment’s file extension (most malware comes in an EXE format).
  • Non-owner mailbox access. Obtain reports on all users who gained excessive rights to access other user mailboxes.
  • The number of emails received from a specific domain, sender, department, or external email address. Get reports on all incoming emails from an external email address, a blacklisted sender or domain, or a specific department.
  • Messages by subject keyword
    Messages by body keyword
    Attachments by file name keyword
    Attachments by file extension keyword

Explore more features in ExchangeReporter Plus, and gain valuable insights into your Exchange environment by downloading a free, 30-day trial of Exchange Reporter Plus today.

If you're using Exchange Online in your environment, O365 Manager Plus offers an advanced Office 365 mailbox content search capability that identifies phishing emails by analyzing internet message headers, subjects, attachments, and bodies of emails. With this feature, you can identify the sender's email address, the device and OS used to compose the email, and the servers that the email passed through.

Start your free, 30-day trial of O365 Manager Plus today to try out all these features.

Latest DoS and DDoS attacks

Latest Brute force attack

Latest Crypto ransomware

Latest Advanced persistent threat (APT)

Compliance violation

Stay In The Know

Subscribe to our digest to get your weekly dose of cyber security updates straight to your inbox.

Please enter a business email id
 

By clicking 'I’m interested', you agree to processing of personal data according to the Privacy Policy

© 2019 Zoho Corporation Pvt. Ltd. All rights reserved.