Mercy Hospital Data Breach Probably Self-Inflicted
Mercy Health Hospital (as reported by 19 News) is "investigating" a data breach. Right now, their finger-pointing involves their billing contractor, RCM Enterprise Services, Inc. Mad Max would like to make a prediction: The Mercy data breach is probably self-inflicted and due to their relying on Microsoft Outlook in their SPF record. RCM is fully DMARC enforced, while it wouldn't be hard for The Bad Guys to spoof a Mercy Outlook system administrator and set up a hook inside the hospital itself. And, as I have previously reported, Microsoft Outlook is dependent upon those crazy enforcers at Agari.
Prophet of the BCK
#mercyhealthhospital #RCMenterpriseservices #outlook #agari #microsoft #dmarc