CSI Laboratories, a cancer screening facility in Georgia, has suffered its second data breach this year. Officials state that this breach is unrelated to the one that was announced in March and affected around 312,000 people. Nearly 245,000 individuals are suspected to be affected by the recent incident. “There were entirely different systems involved. This [phishing] incident did not impact the network,” stated a spokeswoman from CSI. The two attacks are seemingly different in the sense that the first breach was believed to be an attempt to access patient information, while this time around it appears that the threat actors were attempting to commit payment fraud, even though some patient information was accessed as well. Threat actors were able to gain access to an employee email account via phishing. “We believe the access to a single employee mailbox occurred not to access patient information, but rather as part of an effort to commit financial fraud on other entities by redirecting CSI customer health care provider payments to an account posing as CSI using a fictitious email address,” CSI says.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security