Two phishing attacks on Minnesota DHS breach 21,000 patient records

Two employees of the Minnesota Department of Human Services were victims of phishing attacks, potentially breaching 21,000 patient records. The attacks began in June and July, but were not discovered until August. The emails contained personal information such as names, addresses, phone numbers, and Social Security numbers. The department is still investigating the breach and is focusing on employee education and security event response. Phishing attacks have been a persistent problem in the healthcare sector and can be difficult to detect.