645,000 Oregon citizens were affected in a considerable phishing episode. Personally identifiable information could have been compromised following the massive data exposure.

The incident took place in January, 2019 – on January 9 a problem was reported by a few employees who would have their accounts accessed till January 28, when the Enterprise Security Office Cyber Security team verified the source of a data breach claiming a phishing campaign to be a cause.

About 2 million emails could have allegedly been exposed to the violators.

Names, addresses, Social Security numbers, case numbers, PHI, and information used in Demographic and Health Surveys programs were among the exposed details.

Protected Health Information is known to be safeguarded by HIPAA which is to be reckoned with. There has been an increase in personal data theft in healthcare this year which has been revealed in many statistical reports.
DHS insists that the systems are supervised and the staff is trained but phishing is still a relevant issue.

According to ProofPoint’s State of the Phish 2019 Report 60 – 83% of information security officers confronted phishing attacks in 2018. Verizon’s report stated that “phishing and pretexting represent 98% of social incidents and 93% of breaches.”