
The Los Angeles County Department of Mental Health (LACDMH) just reported to the U.S. Department of Health and Human Services (“HHS”) that its recent hacking incident affected 5,129 people. HHS did not specify whether all individuals affected were patients of LACDMH, but notifications were drafted to both direct adult data breach victims as well as the parents and/or guardians of minors whose information may have been accessed. LACDMH is the largest county mental health department in the country, serving over 250,000 county residents annually.

According to LACDMH, some of its employees were tricked into opening a website link that compromised their email accounts. Those accounts were then used to send out more than 1,000 additional phishing emails. Some of the hacked employee accounts contained confidential patient/client information.

On January 22, 2024, the Los Angeles County Department of Mental Health (LACDMH) fell victim to a phishing email attack. Malicious actors gained unauthorized access to a LACDMH employee’s Microsoft Office 365 account using a technique known as push notification spamming. This technique, also called MFA bombarding, sends notifications until the user agrees. Many tools for this are available online; they just need to be cloned onto your system and then you are good to go. That is what we call script kiddies in our language, but I am not confirming that this was all done by script kiddies. I don’t think so; it is a huge attack done by some bad actors. I am just informing you that these types of tools are available on the market, so be aware of that.

Further, the compromised account contained confidential client/patient information due to the employee’s County responsibilities. LACDMH promptly implemented stringent security measures and initiated an investigation.

After reviewing the emails and attachments that could have been accessed or downloaded, LACDMH determined that certain emails contained sensitive information. This information included names accompanied by one or more of the following: date of birth, address, telephone number, Social Security number, and medical record number. Not all clients’ information was potentially accessed, and some clients were impacted differently.

To address the breach, LACDMH began mailing letters to affected individuals whose personal information was involved in the incident. Additionally, a dedicated call center has been set up for inquiries related to the breach. Under the CMIA, if you received a Recent Notice of Data Breach from LACDMH, you may be entitled to $1,000 and your actual damages resulting from the negligent release of your confidential information.

If you suspect your personal information may have been accessed during this incident, you can visit LACDMH’s website for further guidance on protecting your data.

If you have any questions or wish to determine if your information may have been involved in this incident, please call (866) 983-5589, Monday through Friday from 6 a.m. through 3:30 p.m. Pacific Time.

Individuals who are concerned that their personal information may have been accessed during the incident should visit LACDMH’s website. The website also contains information regarding steps that individuals can take to help protect their personal information.

For more information about the Los Angeles County Department of Mental Health, visit their website.


Attack Type: The DMH fell victim to a multi-factor authentication (MFA) attack, also known as push notification spam. This attack method bypasses MFA by bombarding the victim with notifications until they eventually accept it, granting unauthorized access to their account.
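
The push-spam pattern described above leaves a recognisable trace in authentication logs: a burst of rejected prompts for one account, sometimes ending in an approval. The detection example below is added here and is not part of the original article or of any LACDMH or Microsoft tooling; the event fields, sample records, thresholds and function name are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events (not real logs). Assumed fields:
# ISO timestamp, user, outcome of a single MFA push prompt.
SAMPLE_EVENTS = [
    ("2024-01-22T01:00:00", "carol@example.org", "denied"),
    ("2024-01-22T03:00:00", "carol@example.org", "denied"),
    ("2024-01-22T08:00:10", "bob@example.org", "timeout"),
    ("2024-01-22T08:01:00", "bob@example.org", "approved"),
    ("2024-01-22T09:00:05", "alice@example.org", "denied"),
    ("2024-01-22T09:00:40", "alice@example.org", "denied"),
    ("2024-01-22T09:01:10", "alice@example.org", "timeout"),
    ("2024-01-22T09:02:00", "alice@example.org", "denied"),
    ("2024-01-22T09:03:15", "alice@example.org", "denied"),
    ("2024-01-22T09:04:30", "alice@example.org", "timeout"),
    ("2024-01-22T09:05:02", "alice@example.org", "approved"),
    ("2024-01-22T09:30:00", "carol@example.org", "approved"),
]

REJECTED = {"denied", "timeout"}

def find_push_fatigue(events, window=timedelta(minutes=10), min_rejected=5):
    """Flag bursts of rejected MFA pushes and approvals that follow them.

    Returns (user, timestamp, kind) tuples in time order, where kind is
    'push_flood' (burst reached the threshold, account is being spammed)
    or 'approved_after_flood' (the user gave in: treat as compromise).
    """
    recent = defaultdict(deque)  # user -> timestamps of rejected prompts
    alerts = []
    for ts_text, user, result in sorted(events):
        ts = datetime.fromisoformat(ts_text)
        q = recent[user]
        while q and ts - q[0] > window:  # drop prompts outside the window
            q.popleft()
        if result in REJECTED:
            q.append(ts)
            if len(q) == min_rejected:   # burst just crossed the threshold
                alerts.append((user, ts_text, "push_flood"))
        elif result == "approved":
            if len(q) >= min_rejected:
                alerts.append((user, ts_text, "approved_after_flood"))
            q.clear()                    # a new burst starts from zero
    return alerts

if __name__ == "__main__":
    for alert in find_push_fatigue(SAMPLE_EVENTS):
        print(alert)
```

A `push_flood` alert is the point at which an account can still be locked before the user approves a prompt; `approved_after_flood` calls for the response listed on this page: disable the account and reset its credentials and MFA.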

Incident Timeline:

Initial Attack: The City of Gardena Police Department (GPD) was targeted first. Threat actors accessed an employee’s GPD Microsoft Office 365 account using a similar MFA attack on January 22nd, 2024.

Email Exchange: The attackers then contacted a DMH employee via email, gaining access to their Microsoft Office 365 account.

Data Compromised: Despite the breach, there’s no evidence that the personal information accessed has been exploited. The compromised data includes names, dates of birth, Social Security numbers, addresses, and medical record numbers.

Response: The DMH promptly disabled affected accounts and reset Microsoft Office 365 and MFA credentials.

What Personal Health Information May Be at Risk?

The personal information at risk includes names and one or more of the following:

1) Date of Birth.

2) Social Security Number.

3) Driver’s License number.

4) Medical Information.

5) Health Information.

6) Health Insurance Information.

7) Financial Account Number.

Response and Measures Taken:

LACDMH has taken the following steps in response to the breach:

1) Disabled affected accounts.

2) Reset Microsoft Office 365 and MFA credentials.

3) Implemented stringent security measures.

4) Initiated an investigation.

5) Mailing letters to affected individuals.

6) Set up a dedicated call center for inquiries related to the breach.

7) Provided resources on their website to protect personal information.


In my opinion, medical records and health insurance information are even more valuable, as that data can potentially provide access to expensive health care along with other forms of identity theft.

Particularly with data such as Social Security Numbers, cyber thieves may choose to wait years to capitalize on compromised personal data. The longer cyber thieves can go undetected, the more they stand to profit from their illegal activities.

Cybercrime is attractive for hackers: data can be bought and sold anonymously, and the going rate per personal record is estimated to be in the range of $20 per record, depending on the type of information (according to Privacy Affairs Dark Web Index of 2021).

Now you understand the importance of your data. Sometimes, even if we take every precaution to keep our data from being breached, a third party may breach it, either intentionally or unintentionally, as happened here.


That’s what we call social engineering: playing with your mind. God forbid, but if your data has been leaked in a case like this, hackers could sell it on the dark web or somewhere else, and illegal call centers could then buy it and employ thousands of people to fool you. I don’t know whether it is legal or illegal, but it works like this. Suppose I have bought all your data and put it in an Excel sheet, so I have your name, email, telephone number, Social Security number, medical ID and address. I could pretend that I am from the US medical department, say that I have all of your information, and that you just have to confirm or verify it. Then I tell you that your doctor’s profile on my screen shows that you need a neurological test kit prescribed by your own doctor, and obviously I know your doctor’s name too. When the patient agrees, I connect with the shipment department and the patient receives the kit. Once I have completed the whole procedure, I could put half of my commission in my pocket, paid by your medical insurance company. That may seem illegal, but I still cannot confirm whether it is legal or not.


Not every data breach will lead to identity theft. But once you know your data has been disclosed, it is reasonable to be concerned that your data will be used to cause you significant financial losses. Compromised data also increases the risk of hacking and phishing, and adds anxiety over future losses and identity theft. LACDMH regrets any inconvenience caused by this breach and has taken additional measures to enhance the security of its computer systems and prevent similar incidents in the future.
