In the United States, healthcare industry phishing campaigns have been to blame for exposing the protected health records of well in excess of 90 million Americans over the course of the past year. That’s more than 28% of the population of the United States.

This week, another case of healthcare sector phishing has come to light following the announcement of Connecticut’s Middlesex Hospital data breach. The hospital saw that four of its employees responded to a phishing email, resulting in their email account login details being sent to a hacker’s command and control center. In this case the damage inflicted by the phishing attack was limited, and only 946 patients had their data exposed. Other healthcare groups have not been nearly so fortunate.