Healthcare organizations are a prime target for data breaches, as they store a substantial amount of personal information that cybercriminals can either sell or use to conduct identity theft, impersonations, scams, and other digital attacks. 

A recent study from the U.S. Government Accountability Office found that the number of data breaches reported to the Department of Health and Human Services (HHS) increased from 270 in 2015 to 714 in 2021. The actual number of data breaches is likely higher.

In this week’s BlackCloak Thursday Threat Update, we explore a data breach affecting a pair of Texas hospitals, as well as a phishing scheme deployed to steal Facebook login credentials.

Texas hospitals experience data breach affecting 1.24 million

What we know: Texas-based Baptist Medical Center and Resolute Health Hospital experienced a data breach affecting more than 1.24 million patients. In a statement on the breach, the two organizations said malware was found within their network on April 20, and that an unauthorized third party accessed patient information between March 31 and April 24. Compromised data included patients’ names, dates of birth, addresses, Social Security numbers, and medical information. It is believed that no payment card or bank data was exposed in the incident.

Recommendations: Baptist Medical and Resolute Health are providing credit monitoring and identity protection services for anyone whose Social Security number was exposed in the breach. The deadline to activate these services is September 17th. In addition, those whose Social Security numbers are at risk should put a credit freeze and fraud alert on their accounts, and monitor them for any suspicious activity. For the next 90 days, anyone potentially affected by the incident can call the hotline set up by the organizations (1-833-423-2986) toll free.

Phishing attack targets Facebook login credentials

What we know: Facebook Messenger chatbots have been impersonating the company’s customer support team to try to steal Facebook login credentials. The scam starts with an email that claims the target’s Facebook page violates community standards. The target is then presented with a link to appeal the “violation,” which, if clicked, takes them to a Messenger conversation with the malicious chatbot. The chatbot will then send a link directing the victim to a fake Facebook support page, where they will be asked to enter their name, email, and phone number. Once they hit submit, they will be asked to enter their account password.

Recommendations: First, it’s important to remember that no reputable organization or agency will ever ask for your login credentials, personal information or money. If you receive a message that claims you, or your accounts, are in danger, and the only way to solve the problem is to turn data points over or pay a sum of money, it’s a scam. Should you run into a social media profile that seems questionable, check out the page itself for clues that it is a fake account. In this instance, the Facebook page associated with the scam had no followers or posts, but said it was “very responsive to messages.” Minimal to no actual engagement is a red flag, and it’s wise to block those pages as soon as possible.

Protect all facets of your digital life

Cyber threats may come in different packages, but you can protect yourself by taking a few steps to secure your accounts and by keeping a sharp eye out for suspicious activity. Learn more about the threat phishing attacks can pose to you and how you can protect your social media accounts. On the topic of social media, read about how to spot social media impersonators, as well as what to do when you see profiles modeled after your own.