No matter how many warnings are issued and how many times employees may be trained to avoid phishing attacks, some will fall for it. But 25 departments of a county government? Was this a failure of training or are the phishing attacks getting harder to detect because of the use of AI to compose the emails? Or is there some other explanation?
Multiple departments of Los Angeles County’s government were successfully breached as part of a wide-ranging phishing campaign conducted in February, officials told Recorded Future News.
Overall, 25 of the county’s 38 departments were affected, but only two health-related agencies have released public notices. They were the only ones required to do so under California state law, according to a spokesperson for the county, because the personal or health information of more than 500 people was compromised in each incident.
The Department of Health Services and the Department of Public Health each disclosed those breaches in recent months, specifying that the phishing incidents occurred between February 19-20.
Read more at The Record.