A ‘mere’ 10.8% phishing success rate has forced Los Angeles County to notify approximately 756, 000 individuals that their personal information may have been compromised. The attack occurred on May 13, 2016 when 1, 000 County employees received phishing emails. 108 employees were successfully phished. A Nigerian national has been charged in connection with the hack. From a report on The Guardian: Many large organizations would welcome a 10% success rate in their internal anti-phishing training sessions, with 30% and above being common. The 2016 Verizon DBIR suggests that 30% of all phishing emails are opened. The high number of individuals affected from a relatively low number of successes in LA County demonstrates how dangerous phishing attacks can be. The nature of the potentially compromised information is also concerning. “That information may have included first and last names, dates of birth, Social Security numbers, driver’s license or state identification numbers, payment card information, bank account information, home addresses, phone numbers, and/or medical information, such as Medi-Cal or insurance carrier identification numbers, diagnosis, treatment history, or medical record numbers, ” said the County of Los Angeles Chief Executive Office in a statement. Read more of this story at Slashdot.
See more here:
Nigerian Man Charged in Hacking of Los Angeles County Emails
