Source: Sean Pavone via Alamy Stock Photo

The Los Angeles County Department of Public Health has announced that it experienced a phishing attack between Feb. 19 and 20, in which a threat actor accessed the credentials of 53 public health employees.

The credentials were obtained through a phishing email that ultimately allowed the threat actor to compromise the personal information of more than 200,000 people. 

"The first domino to fall is very often the well-meaning employee trying to be helpful, but falling into the criminal's trap," Dror Liwer, co-founder of cybersecurity company Coro, wrote in an emailed statement to Dark Reading. "Older anti-phishing tools, or those embedded into the email platforms, are simply not designed to deal with sophisticated, well executed phishing attacks."

After discovering the attack, the department disabled all affected email accounts, reset and reimaged user devices, and blocked websites that it identified as being part of the phishing campaign. 

Once law enforcement was notified, an investigation was launched where the public health department found that the compromised email accounts may have included sensitive information, including names, date of birth, diagnosis, prescription, medical record numbers/patient ID, Medicare de, Med-Cal number, health insurance information, Social Security number, and financial information. 

"While Public Health cannot confirm whether information has been accessed or misused, individuals are encouraged to review the content and accuracy of the information in their medical record with their medical provider," stated the department's press release, which added that Public Health is providing affected individuals with one year of Kroll, an identity monitoring service.

Individuals who have been impacted will be notified by mail, and individuals who would like to know if they have been impacted can call 1-866-898-4312, from 6 a.m. to 5 p.m. Pacific time.