The attack exposed the personal information of more than 200,000 people in the county.
The Breach
In mid-June, the Los Angeles County Department of Public Health revealed they had been the victim of a data breach.
In a news release, the county said the breach took place between February 19th through February 20th. The hacker used phishing techniques to gain access to the login credentials of 53 Public Health employees. Ultimately, more than 200,000 individuals had personal information leaked.
Once the department discovered the attack, the organization immediately “disabled the impacted email accounts, reset and re-imaged the user’s device(s); blocked websites that were identified as part of the phishing campaign and quarantined all suspicious incoming emails.”
Public Health also sent out additional awareness notifications to remind employees to be vigilant and mindful when reviewing emails, especially if they include links or attachments.
Impacted information from the breach included first and last names of clients, employees, and other individuals, dates of birth, diagnoses, prescription information, medical record information, Medicare/Med-Cal numbers, health insurance information, Social Security numbers, and other financial information.
Public Health noted that impacted individuals would be contacted by mail, but the department does not have addresses for every individual; some may only find out by viewing the department’s public notice.
The department said they will be implementing “numerous enhancements to reduce exposure to similar email attacks in the future,” but did not specify what those safeguards may include.
An Upsetting Trend
For Los Angeles, this attack is part of a growing trend; multiple state and county-funded organizations have been attacked this summer.
In late June, just days following the attack on the Department of Public Health, the Los Angeles Unified School District was impacted by the Snowflake cyberattack. Snowflake, a cloud data storage provider, was attacked in late May, but breach victims are continuing to come forward. In this incident, it is believed that the school was targeted with the intent of selling student and employee data. Outside of LA, Snowflake’s attack impacted numerous organizations, including many in the healthcare sector.
Aiding to the list of breaches, just days ago, The Los Angeles Superior Court, the largest unified trial court in the country, had to unexpectedly close after it was hit by a ransomware attack. The attack allegedly impacted all 36 courthouse locations in the county, which had to delay numerous hearings and trials as security experts repaired the network systems.
While it’s clear that Los Angeles has had a challenging summer, attacks on health departments are also becoming increasingly common. Los Angeles’ Department of Mental Health was attacked in late May, resulting in the exposure of 1,598 individual’s protected health information.
Other states are seeing similar trends; the Wisconsin Department of Health Services announced a breach on the same day as Los Angeles Public Health did. The Wisconsin breach, a result of network hacking, impacted just over 19,000 individuals. A county in Oregon similarly faced a data breach in May as the result of unauthorized disclosure, which impacted 1,092 individuals.
Attacks like these can slow or stall operations, preventing critical government infrastructure from functioning properly. On top of this, the cost of a breach has skyrocketed, with breaches costing an average of $10.93 million for healthcare organizations.
Unfortunately, recent data points to state agencies, particularly in the healthcare industry, being more and more vulnerable to attack. As attacks evolve and increase in sophistication, it’s up to organizations to improve their security.
Understanding Phishing Attacks
Phishing attacks, which caused the breach of LA´s Public Health Department, are unique cyberattacks that bait users into installing malware. Often malicious actors will spoof real individuals by pretending to be that person and setting up an email account similar to the legitimate one.
Attackers frequently target employees, posing as a superior or authority figure needing assistance. The attacker will then embed a link or attachment, which may initially appear legitimate, but when clicked, will install malware onto the user's computer or require users to input their employee information. After this, the attacker may use the employee credentials to gain access to protected information or try to escalate their access.
While some employees can easily spot the generic and vague messages common in phishing attacks, these attackers are becoming increasingly sophisticated, especially with the advent of AI that allows nefarious actors to craft compelling and realistic scenarios quickly.
On top of this, many employees are unfamiliar with these attack methods or what to do when confronted with a suspicious email. A 2023 study found that while 76% of the 400 respondents knew they had a responsibility to keep data safe, 22% said security protocols weren’t strictly enforced. 31% said they didn’t know how to respond to a data breach. These statistics emphasize the importance of employee training but also emphasize the need for on-hand cybersecurity experts and response plans.
How Cloudticity Can Help
Healthcare organizations handle vast amounts of sensitive and valuable data, making them heavily targeted by malicious actors. Despite the threat, a shortage of cybersecurity experts leaves institutions vulnerable and ill-prepared.
That’s where Cloudticity comes in. As a HITRUST certified organization with over 10 years as a leader in managed security for healthcare, we’ve never suffered a data breach. We use a proven security tech stack with the best cybersecurity experts, ensuring your data is safe and any vulnerabilities are promptly addressed.
While attacks, and the associated costs, are rising, Cloudticity helps organizations focus their resources on serving patients instead of security concerns.
Learn how Cloudticity’s Managed Security for Healthcare can help you address cybersecurity needs. Reach out today for a free consultation.