Personal and Medical Information of Children and Adults Stolen in DHS Data Breach
Cyberattackers have managed to steal personal and medical information of children and adults involved in Child Protective Services (CPS) and DHS Division of Family & Children Services (DFCS) cases, the Georgia Department of Human Services (DHS) has disclosed.
According to a press release, unauthorized individuals gained access to DHS employee email accounts between May 3 and May 15, compromising customers” personal identifiable information and protected health information (PHI).
“On August 10, 2020, DHS learned that the attackers had been able to retain certain emails that contained personally identifiable information and protected health information of children and adults involved in Child Protective Services (CPS) cases of the DHS Division of Family & Children Services (DFCS),” the notification reads.
Although the type of compromised information varies for each case, cybercriminals managed to exfiltrate information including:
â€¢ Full names of children and household members
â€¢ Dates of birth, age and county of residence
â€¢ DFCS case and identifications numbers
â€¢ Phone numbers and email addresses
â€¢ Social Security numbers
â€¢ Medicaid identification number and Medicaid medical insurance number
â€¢ Medical provider name and appointment date
The breach also exposed psychological reports, counseling notes, medical diagnoses and substance abuse information for 12 individuals, and the bank account number of one.
The DHS said that are contacting affected customers, providing instructions on how to protect against identity theft crimes.
“As of September 21, 2020, DHS examined the emails in question and began identifying the customers whose information had been accessed,” the DHS added.”Affected clients are being contacted directly by DHS, and instructions are being provided on how clients can protect themselves from further harm.”
Cybercriminals sell stolen PHI on dark web marketplaces or use it in identify-theft-related crimes. Victims should be extra vigilant and check their medical insurance statements for any suspicious entries. In case of fraudulent charges, affected individuals should notify their local authorities and healthcare providers.
It is also recommended to watch out for any unsolicited emails that ask to confirm personal or financial information.
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War
August 31, 2022
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor
August 30, 2022
What is medical identity theft and how to protect against it
July 27, 2022
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside
June 28, 2022
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online
June 28, 2022