at symbol held by a fish hook on a blue code background

Target – FAPD Phishing HIPAA Breach

On June 1st, the Florida Agency for Persons with Disabilities (FAPD) disclosed that a phishing attack had compromised a single email account. The email account contained information that had PHI of over 1,951 customers and/or guardians. Although no evidence was gathered that indicated the information was accessed, FAPD could not completely rule out that it had not been. As a result, FAPD is providing the potentially affected patients with breach credit monitoring services for the following year for free.

The Proficio Threat Intelligence Recommendations:

  • Implement multi-factor authentication for email access of users that may access ePHI
  • Validate that auditing has been enabled to prove what emails were accessed during a user session
  • Limit email access to IP addresses geolocated within the organization’s place of business

General Info – Click Here

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published.