Attacks Cloud Data Executive Decisions IoT Malware Mobile Network Security Strategy Threat Defense
Hub Image

Incident Of The Week: Oregon DHS Target Of Phishing Attack

Nine employees phished causing data breach of 645,000 clients

Add bookmark
Alarice Rajagopal
data breach phishing attack Oregon DHS

A cyber attack that originally dates back to January was determined to be a targeted spear-phishing campaign, where nine Oregon Department of Human Services employees fell victim to emails compromising an estimated 350,000 patients. While the data breach was still under investigation by a third-party security team, it was not yet determine the exact number of patients impacted by the incident.

This week, it has been reported that the Oregon DHS recently began notifying about 645,000 clients that their personal data was potentially breached during this phishing attack. Nine employees fell for the email campaign providing their user credentials, giving hackers full access to more than 2 million emails.

PHI Involved In Cyber Attack

It took the Oregon DHS and Department of Administrative Services Enterprise Security Office approximately three weeks to detect the problems, which were reported by some of the nine employees involved with the malicious emails. Officials immediately reset passwords to stop unauthorized access and remote access.

See Related: “Healthcare CISO Explores A Recent Outbreak Of Breaches

On March 21, the Oregon DHS posted an update on the breach, but just started notifying the increased number of patients involved on June 19. While it was also reported that there was no malware installed on the network, and no other email accounts compromised, hackers had access to the accounts for 19 days – giving them access to patient data, case numbers, Social Security numbers and other protected health information.

In Minnesota in 2018, the DHS also experienced a phishing attack that breached data for months before it was detected. It was later determined that lack of staffing and resources made the attacks tough to detect, making government agencies a major target for hackers.

How To Detect A Phishing Attack

The most common phishing emails incorporate two elements: a sense of urgency or a request for help. This could mean an email saying that an invoice was overdue, or an email purporting to be from a colleague asking for help on a project at work.

Some phishing emails are so clever IT professionals have been duped as well. Enterprises can reduce the likelihood of a successful phishing attack through ongoing employee education and phishing-filtering software. They should also reduce the impact to the organization of a successful attack through endpoint protection, two-factor (or multi-factor) authentication, security patches, and changing passwords regularly.

Read Last Week’s Incident: “U.S. Customs And Border Protection Breach

Tags: Cyber Security Incident of the Week Phishing Spear Phishing Cyber Attack Data Breach U.S. Department of Health & Human Services IT Target Phishing attack Spear Phishing cyber attack DHS target Oregon DHS target incident DHS enterprise Oregon
info@cshub.com/r/n

We hope you enjoy All Access from CS Hub!!<\/p>\r\n<p>Best Regards,<\/p>\r\n<p><a href=https://www.cshub.com/"https:////www.cshub.com///" target=\"_blank\">CS Hub Team<\/a><\/p>\r\n<p>P.S. Be sure to check out our other upcoming <a href=https://www.cshub.com/"https:////www.cshub.com//events?filter_format=ONLINE\%22 target=\"_blank\">All Access events here<\/a>.<\/p>\r\n<p>--------------------------------<\/p>\r\nConnect with us on Social Media: <a href=https://www.cshub.com/"https:////www.linkedin.com//groups//12067996///" target=\"_blank\">LinkedIn<\/a> | <a href=https://www.cshub.com/"https:////twitter.com//CSHubUSA/" target=\"_blank\">Twitter<\/a><\/p>\r\n<p>--------------------------------<\/p>\r\n<p>FAQS<\/p>\r\n<p><b>Can I invite my colleagues?<\/b><br>Yes of course! Please send them this link so they can register for free! [WebUrl]<\/p>\r\n\r\n<p><b>How do I access the sessions?<\/b><br>\r\nAll Access is run on Zoom Events. You should receive an email shortly from Zoom Events with your unique All Access link to the event lobby. Please hold on to that email ahead of the event. We\u2019ll also send you a reminder 24 hours before we go live!<\/p>\r\n\r\n<p><b>Will the agenda be updated?<\/b><br>\r\nYes, the agenda will be continuously updated on the website with the latest sessions & speakers. As we get closer to the event, also look out for our weekly updates which will also include the latest updates information and link to access the event.<\/p>\r\n<p><b>Can I access the sessions On Demand?<\/b><br>\r\nEvery session will be available after the event via the event lobby. We\u2019ll also send you a reminder about the On Demand sessions which will be sent to you after the event is over.<\/p>\r\n<p>--------------------------------<\/p>\r\n<p>RELATED RESOURCES TO READ BEFORE YOUR EVENT<\/p>\r\n<ul>\r\n <li><a href=https://www.cshub.com/"https:////www.cshub.com//executive-decisions//reports//cs-hub-mid-year-market-report-2022?utm_source=eco-event-confirmation-email&utm_medium=email&utm_campaign=eco-event-confirmation-email\%22 target=\"_blank\">CS Hub Mid-Year Market Report 2022<\/a><\/li>\r\n <li><a href=https://www.cshub.com/"https:////www.cshub.com//security-strategy//reports//ciso-strategies-for-proactive-threat-prevention?utm_source=eco-event-confirmation-email&utm_medium=email&utm_campaign=eco-event-confirmation-email\%22 target=\"_blank\">CISO strategies for proactive threat prevention<\/a><\/li>\r\n <li><a href=https://www.cshub.com/"https:////www.cshub.com//security-strategy//reports//how-to-strengthen-email-security-and-protection-against-advanced-ransomware-attacks?utm_source=eco-event-confirmation-email&utm_medium=email&utm_campaign=eco-event-confirmation-email\%22 target=\"_blank\">How to strengthen email security and protection against advanced ransomware attacks<\/a><\/li>\r\n<\/ul>","event_registration_srs_confirmation_email":null,"assets_from_cdn":true},"bant_disabled":0,"sponsorship_disclaimer":null,"sponsorship_disclaimer_text":null,"sponsorship_disclaimer_checkbox_disabled":0,"ext_treat_id":null,"recording_url":null,"file_attachment":null,"ingo_enabled":null,"ingo_activator_id":null,"ingo_autofiller_id":null,"ingo_amplifier_id":null,"ingo_authorizer_id":null,"restricted_content":0,"featured_events_embedded":[],"featured_content_embedded":[],"featured_content_portal_embedded":null}" >

FIND CONTENT BY TYPE

News Case Studies Interviews White Papers Videos

Cyber Security Hub COMMUNITY

About Us Power10 Contact Us Advertise with us Cookie Policy User Agreement Become a Contributor All Access from CS Hub Become a Member Today Media Partners

ADVERTISE WITH US

Advertise Now

JOIN THE Cyber Security Hub COMMUNITY

Join CSHUB today and interact with a vibrant network of professionals, keeping up to date with the industry by accessing our wealth of articles, videos, live conferences and more.

Cyber Security Hub, a division of IQPC

© 2026 All rights reserved. Use of this site constitutes acceptance of our User Agreement, Privacy Policy and Cookies Settings.

Careers With IQPC | Contact Us | About Us | Cookie Policy