Saint Louis University Health Records Compromised by Phishing Scams
The health records of about 3,000 members of Saint Louis University were exposed after university employees fell victim to a phishing scam this past summer, according to Campus Technology. About 20 university email accounts containing personal health data for those 3,000 people were compromised, and banking details were changed for about 10 employees, though no unauthorized financial transactions occurred.
…according to a message posted on the institution’s Web site, some employees had provided secure account information in response to a “sophisticated phishing email scam they received on July 25.” The subject line of those messages read, “SLU incident where your SLU Net ID may have been compromised” and it appeared to come from a university account. Once recipients clicked on the spam link, the landing page attempted to replicate mySLU, a university portal site for online tools.
Remember: CASIT and UO Information Services will never send out emails asking for account usernames, passwords, and PAC codes. This type of information should never be sent to anyone over email.
Want to learn more about phishing scams and how to identify them? Check out our guide on phishing emails.