Security News > 2023 > October > City of Philadelphia discloses data breach after five months
The City of Philadelphia is investigating a data breach after attackers "May have gained access" to City email accounts containing personal and protected health information five months ago, in May. While officials discovered the incident on May 24 following suspicious activity in the City's email environment, the investigation found that the threat actors may have accessed emails in the compromised email accounts for at least two months after the City became aware of the incident.
"However, to date, the investigation determined that between May 26, 2023 and July 28, 2023, an unauthorized actor may have gained access to certain City email accounts and certain information contained therein," the breach notice says.
Demographic information, such as name, address, date of birth, social security number, and other contact information; medical information, such as diagnosis and other treatment-related information; and limited financial information, such as claims information.
City officials are yet to provide details on how the attackers breached the City's email accounts and the reasons behind the delay in disclosing the incident for five months.
As reported by The Philadelphia Inquirer, the City's Department of Behavioral Health and Intellectual Disability Services also disclosed a HIPAA breach in June 2020 after the personal health information of individuals it served was compromised following a March phishing attack.
Casio discloses data breach impacting customers in 149 countries.
News URL
Related news
- Free, France’s second largest ISP, confirms data breach after leak (source)
- Interbank confirms data breach following failed extortion, data leak (source)
- How to Effectively Manage a Data Breach (source)
- Amazon confirms employee data breach after vendor hack (source)
- HIBP notifies 57 million people of Hot Topic data breach (source)
- US space tech giant Maxar discloses employee data breach (source)
- Fintech giant Finastra investigates data breach after SFTP hack (source)
- Bologna FC confirms data breach after RansomHub ransomware attack (source)
- Rhode Island confirms data breach after Brain Cipher ransomware attack (source)
- Texas Tech University System data breach impacts 1.4 million patients (source)