14 DAY TRIAL // The Saint Louis University (SLU) is notifying 3,000 people that their protected health information might have been compromised after some of the institution’s employees fell victim to a sophisticated phishing scam.
According to SLU, the phishing emails were sent out on July 25 when some employees provided their account information to cybercriminals. The incident was discovered only on August 8.
Ten of the employees had direct deposit information changed, but there’s no evidence that unauthorized financial transactions occurred. 20 of the compromised SLU email accounts contained the personal health information of 3,000 individuals. They also contained the social security numbers of 200 people.
“At this time, all evidence suggests that the main target of this scam was the financial information of University employees who received the phishing email. A number of colleges and universities have been targeted with similar schemes in recent months,” SLU stated.
Impacted individuals are being provided one year of free credit monitoring and identity theft protection services.