A Health District in the State of Washington made this year's second data breach announcement on 24th March 2022. Both data breaches at the Spokane Regional Health District (SRHD) occurred when employees fell victim to phishing attacks.
The first one was on 24th January 2022, when the district confirmed that personal data may have been compromised when an unauthorized individual compromised an employee's email account on 21st December 2021.
SRHD recently reported a second data breach caused by the opening of a phishing email by a district employee on 24th February 2022. This latest breach may have exposed the information of 1,260 individuals from two unidentified departments in the district.
Information which may have been involved in the second breach includes names, dates of birth, phone numbers, medications, medical conditions and test results.
JupiterOne's field security director, Jasmine Henry, told Infosecurity Magazine that healthcare is among the most targeted industries because healthcare organizations have a high volume of sensitive data which cyber-criminals can sell for profit.
Lookout's senior manager of security solutions, Hank Schless, said protecting data was a tough job for healthcare organizations. He advised organizations to "create a solid security posture based on a zero-trust philosophy" by "securing employee mobile endpoints as well as your cloud and private apps."