Mercy Hospital Data Breach Probably Self-Inflicted

Mercy Health Hospital (as reported by 19 News) is "investigating" a data breach. Right now, their finger-pointing involves their billing contractor, RCM Enterprise Services, Inc. Mad Max would like to make a prediction: The Mercy data breach is probably self-inflicted and due to their relying on Microsoft Outlook in their SPF record. RCM is fully DMARC enforced, while it wouldn't be hard for The Bad Guys to spoof a Mercy Outlook system administrator and set up  a hook inside the hospital itself. And, as I have previously reported, Microsoft Outlook is dependent upon those crazy enforcers at Agari.

Mad Max
Prophet of the BCK

#mercyhealthhospital #RCMenterpriseservices #outlook #agari #microsoft #dmarc


Popular Posts