Los Angeles Public Health Department Discloses Large Data Breach

The Department of Public Health (DPH) of Los Angeles County has disclosed a data breach that has impacted more than 200,000 individuals. A phishing email was used by an attacker to obtain the login credentials of 53 Public Health employees, resulting in the compromise that took place between February 19 and 20, 2024. The DPH, which provides services to approximately 10 million residents of LA County, has released a statement encouraging individuals to consult with their providers regarding the veracity of their medical records. Despite the fact that it is still uncertain whether any information has been accessed or misused, Kroll is providing impacted individuals with a complimentary year of identity monitoring. The US Department of Health and other pertinent agencies have been informed as mandated by law, and law enforcement agencies have conducted an investigation into the incident. 

The health service has advised all workforce members to exercise caution when evaluating emails, particularly those that contain links or attachments, in response to the breach. This incident occurs in the wake of another recent compromise, which involved the private healthcare provider Ascension in the United States. Ransomware perpetrators gained access to Ascension after an employee inadvertently downloaded a malicious file. As a result, patient appointments were postponed and ambulances were diverted. It is suspected that the attackers have stolen files containing personally identifiable information and protected health information of patients. The critical necessity for healthcare organizations to implement robust cybersecurity measures and exercise increased vigilance in order to safeguard sensitive information is emphasized by these incidents.

Become a Subscriber

Please purchase a subscription to continue reading this article.

Subscribe Now

Read more