The city of Philadelphia has released a notice of a data breach that occurred in the late spring.
What happened
According to the breach notice, the city noticed suspicious activity in its email channels on May 24, 2023.
While the investigation is ongoing, investigators determined that between May 26 and July 28, an unauthorized actor may have gained access to Philadelphia city emails and other information.
They later learned that affected individuals may have also had protected health information exposed. Information breached varies by person, but the city believes it may include names, dates of birth, Social Security numbers, contact information, medical information, and, for some, financial information.
What they're doing
The city now says they are conducting a "comprehensive, programmatic and manual review of the potentially impacted email accounts." If they determine personal information or protected health information was affected, they will confirm the identities and contact affected individuals through a written letter.
The city also claims they are reviewing their "existing policies and procedures, implementing additional administrative and technical safeguards to further secure information in our care, and providing additional training on how to safeguard information in our email environment."
Currently, it's unclear the total number of affected individuals, but as their investigation unfolds, we will likely learn more.
Why it matters
Paubox has seen many breaches affecting healthcare and governmental organizations. Not only do these breaches result in personal information being potentially leaked or sold, but they can also result in costly investigations, cybersecurity updates, and penalties or lawsuit fees.
Adding to the complexity, a 2023 survey revealed that many employees are unaware of proper cybersecurity measures, leading to avoidable data breaches from common tactics, such as phishing emails.
The Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Health and Human Services (HHS) recently released a new toolkit to improve data security.
New strategies are needed now more than ever, as healthcare companies and companies that process protected data are increasingly targeted by malicious actors.
Cyberattackers are also using more intricate strategies, making it difficult for organizations to determine when an attack occurred. In the case of Philadelphia City, suspicious activity was first detected in May but was only stopped in July.
It can be much more challenging to respond to an attack after or while it is taking place. The best cybersecurity strategies involve preventative measures and a robust security system.
Related: HIPAA Compliant Email: The Definitive Guide
The big picture
The City of Philadelphia is still investigating the breach and determining the best next steps. Any organization that handles personal data or protected health information should carefully consider how attacks like these may have occurred and what the organization can do to prepare and prevent future attacks.
Abby Grifno
