United Way of Connecticut, Inc. recently reported a data breach involving an employee email account that resulted in the exposure of protected health information for up to 8,039 individuals. The breach occurred on May 29, 2024, when an employee fell victim to a phishing attack, giving the attacker unauthorized access to their email account. The email account was reviewed following the breach, but no other systems within the organization were compromised. Although it is possible that fewer individuals were affected, the decision was made to report the breach based on the maximum number of potentially impacted individuals.
The compromised email account contained sensitive information related to protected health data. United Way of Connecticut has taken immediate action to mitigate any further damage, including reviewing the affected email account. Additionally, the organization is notifying all potentially affected individuals and offering them complimentary credit monitoring services to safeguard their personal information from potential misuse.
The breach highlights the growing threat of phishing attacks targeting healthcare organizations and other entities that manage sensitive information. Phishing remains a common tactic used by cybercriminals to steal credentials and gain unauthorized access to systems, often leading to data breaches. As more organizations report similar incidents, the importance of implementing robust cybersecurity measures and ongoing employee training becomes even more critical to protecting sensitive data.
In response to the breach, United Way of Connecticut has worked with relevant regulatory bodies, including the U.S. Department of Health and Human Services’ Office for Civil Rights, to ensure that the incident is properly addressed. The breach notice was filed in accordance with federal regulations, and the organization is committed to transparency regarding the incident. They continue to assess their security protocols to prevent future breaches and minimize the risk of cyberattacks in the future.
Reference:
