The California Office of the Attorney General reported that Allcare Medical Management, Inc. experienced a data breach due to unauthorized access to an employee's email account between March 4 and April 20, 2024. The investigation, completed on June 12, 2024, revealed that some personal information of potentially affected individuals may have included names, Social Security numbers, and contact information, although the exact number of affected individuals is unknown.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-589095
TPRM report: https://www.rankiteo.com/company/allcaremedicalmanagement
"id": "all201072625",
"linkid": "allcaremedicalmanagement",
"type": "Breach",
"date": "3/2024",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Healthcare',
'location': 'California',
'name': 'Allcare Medical Management, Inc.',
'type': 'Company'}],
'attack_vector': 'Email Compromise',
'data_breach': {'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Social Security numbers',
'Contact information']},
'date_detected': '2024-04-20',
'date_resolved': '2024-06-12',
'description': "Unauthorized access to an employee's email account at Allcare "
'Medical Management, Inc. potentially compromised personal '
'information including names, Social Security numbers, and '
'contact information.',
'impact': {'data_compromised': ['Names',
'Social Security numbers',
'Contact information'],
'systems_affected': ['Email Account']},
'initial_access_broker': {'entry_point': 'Email Account'},
'investigation_status': 'Completed',
'post_incident_analysis': {'root_causes': 'Unauthorized Access to Email '
'Account'},
'references': [{'date_accessed': '2024-06-12',
'source': 'California Office of the Attorney General'}],
'title': 'Allcare Medical Management, Inc. Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Unauthorized Access'}