June 24, 2018
A phishing attack has been suffered by the Florida Agency for Persons with Disabilities (FAPD), which delivers support facilities for people with infirmities like cerebral palsy, autism, spina bifida, and Downs’s disease.
The phishing attack happened on April 10, 2018 and was limited to a single electronic mail account; nevertheless, that account contained the PHI of 1,951 guardians or customers.
Although no evidence was found to indicate any PHI was viewed or copied by the attacker, PHI access might not be ruled out with 100% confidence. The undermined electronic mail account contained information like names, health information, telephone numbers, addresses, birth dates, and Social Security details.
All customers have now been warned of the breach and have been offered free credit checking facilities for 12 months.
Three days after the attack happened, FAPD adapted a safety upgrade to halt illegal people from retrieving its electronic mail system and additional training on electronic mail safety rules was supplied.
This is not the first phishing attack to be faced by the organization this year. In February, a more widespread phishing attack occurred that led to several electronic mail accounts being retrieved. That phishing attack impacted over 55,000 clients, whose names, birth dates, and Social Security numbers were possibly retrieved.
In October 2004, the Agency for Persons with Disabilities (APD) was founded as an organization separate from the Division of Children and Families, particularly charged with serving the requirements of Floridians with developmental incapacities. Before it was set up, it functioned as the Developmental Infirmities Program. The organization was set up under the supports by Chapter 20, Chapter 393, and Chapter 916 of the Florida Acts. The APD operates with local people and private traders to help people who have developmental inabilities and their relatives. APD also offers help in finding the needs of people with developmental inabilities for supports and facilities.
After the phishing attack in February, FAPD said it had adapted multi-factor verification to stop illegal retrieving of its electronic mail accounts and provided further training for staff members on electronic mail safety measures.