Officials at Los Angeles County disclosed that 25 of the county's 38 departments had the accounts of 283 employees compromised in a sweeping phishing campaign in February, according to The Record, a news site by cybersecurity firm Recorded Future.
Only the county's Department of Public Health and Department of Health Services have reported being impacted by the attack from February 19 to 20, with the former disclosing the breach of data belonging to over 200,000 individuals, including their names, birthdates, Social Security numbers, Medicare numbers, diagnoses, prescriptions, medical record numbers, financial information, and health insurance details. On the other hand, the phishing attack against the DHS affected over 6,000 people. No information was provided regarding the other departments affected by the intrusion, with the county spokesperson noting ongoing investigation by the county District Attorney's Office-Cyber Crime Investigations Unit. Such a disclosure comes after the Los Angeles Unified School District confirmed data exfiltration due to an attack against cloud storage provider Snowflake.