A phishing attack at the University of California Davis Health compromised the personal health information of 15,000 patients. An employee responded to a phishing email, giving the hacker access to their email account. The hacker was able to view and potentially obtain patient information, including names, addresses, phone numbers, and in some cases, Social Security numbers and medical records. The health system is evaluating their security measures and offering affected patients free credit monitoring. Government agencies have also been notified about the breach.

Only 1% of malicious emails that reach inboxes deliver malware
In 2024, 99% of email threats to corporations were found to be social engineering or phishing attacks, as per Fortra. Most pre-delivery email defenses struggle