.png?width=200&height=78&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
Know Your Breach: UC San Diego Health
Jul 29, 2021 12:42:32 PM
The target: UC San Diego Health, the academic health system of the University of California.
The take: Exposure of personally identifiable information including: full name, address, date of birth, email, fax, claims information, medical diagnosis and conditions, social security number, student ID number and password, payment card number or financial account number.
The attack vector: The breach occurred when an employee clicked on a phishing email and unknowingly gave away their login credentials, company username and password, to the attackers. Using the employee’s legitimate credentials, the threat actors accessed the sensitive data.
Phishing attacks against individual employees remain one of the greatest security threats to an entire organization. Regular social engineering and awareness testing and training, along with tone-from-the-top messaging to emphasize the importance of critical thinking and caution are crucial to protecting sensitive information assets.
