Advertisement

20 Alberta Health Services staff accounts targeted by phishing scam

About 20 staff accounts of AHS employees were targeted by a phishing scam.
About 20 staff accounts of AHS employees were targeted by a phishing scam. Kin Cheung / AP Photo

A phishing scam targeted nearly two dozen Alberta Health Services (AHS) employees and tried to access their payroll, the health authority said Wednesday.

BLOG: How to protect yourself from ‘phishing’

It said the staff accounts are used to access email and electronic pay records and approximately 20 appear to have been compromised by the scam.

“AHS payroll control prevented any payroll deposits from being transferred fraudulently,” the health authority said in a news release.

“We are providing support to the impacted staff members.”

Receive the latest medical news and health information delivered to you every Sunday.

Get weekly health news

Receive the latest medical news and health information delivered to you every Sunday.
By providing your email address, you have read and agree to Global News' Terms and Conditions and Privacy Policy.

AHS said the scam was analyzed by its information security systems to limit any more personal information breaches.

RELATED: MacEwan University defrauded of nearly $12M in phishing scam

After taking action to stop any fraudulent payroll deposits, AHS said it put new security measures in place to protect staff information. It also brought in forensic experts to determine the size of the breach.

Story continues below advertisement

“It appears that this phishing scam targeted randomly generated staff members and asked them to change personal details within their AHS account,” the agency said.

READ MORE: Full House Lottery suffers breach for 3rd time in 5 months

AHS stressed it has processes in place to deal with these kinds of incidents and takes them very seriously. It is “constantly updating” systems “to protect against the latest cyber attacks.”

Still, the health agency asked employees to be extra vigilant with any suspicious emails.

Phishing is defined as a fraudulent attempt to obtain sensitive information like usernames, passwords or financial information, often by pretending to be a legitimate contact reaching out through email or other electronic communication.

Sponsored content

AdChoices