By Jeff Wardon, Jr., Assistant Editor

The Los Angeles County Department of Health Services recently reported a data breach affecting thousands of patients due to a phishing attack that targeted around 23 employees, according to Bleeping Computer. This breach exposed personal and health information stored in the employees' email accounts. Approximately 6,085 individuals' data may have been affected. The compromised data included names, dates of birth, contact details, medical records, diagnoses, treatments, and health plan information.

Following the breach, the health services department took several measures, including disabling affected email accounts, resetting devices, and educating employees on email security.

Phishing attacks are an attempt to steal sensitive information, usually usernames, passwords, credit card numbers, bank account information or other important data to use or sell the stolen information, according to Cloudflare.

Related: UNC Hospitals & School of Medicine Target of Phishing Attack

These attacks are one of many ways cyberattacks occur, so defending against them is pertinent to protecting valuable and sensitive data. There are four key methods to protect against phishing attacks, according to the U.S. Federal Trade Commission (FTC):

• Protect computers by using security software and set the software to automatically update so it can quickly deal with new threats.
• Protect mobile devices by turning on automatic updates.
• Protect accounts by using multi-factor authentication (MFA), this will require two or more credentials to successfully log in to an account.
• Protect data by backing it up – back up computer data to an external hard drive or the cloud. Do this on phones, too.

Ultimately, it is up to the facility manager to work with their IT departments to make sure security systems stay up to date, so attacks do not breach their cyber defenses.

Jeff Wardon, Jr. is the assistant editor for the facilities market.