• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

BEC Attack on Monongalia Health System

You are here: Home / General Cyber Security News / BEC Attack on Monongalia Health System
December 22, 2021

A a few-healthcare facility health process in West Virginia has become the victim of a organization email compromise (BEC) scam that began with a phishing attack. 

Monongalia Wellness Method, Inc. (MHS) experienced no notion that its cybersecurity defenses experienced been penetrated till a seller described not acquiring a payment from the healthcare supplier on July 28, 2021. 

An investigation was released, which established that menace actors had compromised many email accounts belonging to MHS staff between May perhaps 10, 2021, and August 15, 2021, getting unauthorized access to e-mails and attachments. 

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


Threat actors applied one account belonging to an MHS contractor to impersonate Monongalia Health Technique and try to fraudulently obtain cash by wire transfer. 

Monongalia Wellbeing Procedure, whose affiliated hospitals are Monongalia County General Hospital Corporation, Preston Memorial Hospital, and Stonewall Jackson Memorial Hospital Organization, issued a info security observe Tuesday.

In the notice, MHS claimed that although the danger actors had not accessed the healthcare provider’s electronic wellbeing data process, some client and personnel information that was saved in the compromised email accounts experienced been breached.

This data involved names, Medicare wellbeing coverage assert numbers (which could have Social Security quantities), addresses, dates of beginning, affected person account figures, wellness insurance plan member ID quantities, clinical record numbers, dates of services, provider names, claims details, professional medical and clinical therapy details, and/or status as a recent or previous MHS client.

MHS has begun mailing observe letters to people whose information may perhaps have been involved in the security incident. 

“From a technology viewpoint, employing verification of domains and senders’ email addresses, although not commonly applied, is a rapid take care of to authenticate domains and emails to decrease the risk of an attack by a ‘doppelganger domain,’” commented KnowBe4’s security recognition advocate, James McQuiggan. 

He included: “For the human ingredient, a robust security consciousness system educates employees to be knowledgeable of the crimson flags, location faux email messages, test the email address, and validate the user by explicitly asking by yourself if you have been expecting the email.”

MHS explained that it “is continuing to overview and enrich its current security protocols and practices, together with the implementation of multi-factor authentication for remote accessibility to its email system.”


Some parts of this article are sourced from:
www.infosecurity-magazine.com

Previous Post: «Cyber Security News Cybercrime Cops Arrest NHS Workers
Next Post: Cyber-Attack on Belgium’s Military Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • NCSC Report Reveals Phishing Lures Increasingly Disguised as Vaccine Appointments
  • Zyxel Issues Patches for 4 New Flaws Affecting AP, API Controller and Firewall Devices
  • Report Explores Child’s Data Safety Legislation Across 50 Countries
  • India’s SpiceJet Strands Planes After Being Hit By Ransomware Attack
  • Critical ‘Pantsdown’ BMC Vulnerability Affects QCT Servers Used in Data Centers
  • 18 Oil and Gas Companies Take Cyber Resilience Pledge
  • Linux-based Cheerscrypt ransomware found targeting VMware ESXi servers
  • Experts Warn of Rise in ChromeLoader Malware Hijacking Users’ Browsers
  • The Added Dangers Privileged Accounts Pose to Your Active Directory
  • Hackers Increasingly Using Browser Automation Frameworks for Malicious Activities

Copyright © TheCyberSecurity.News, All Rights Reserved.