A data breach has resulted in exposing the personal and protected health information of patients of a medical lab chain with multiple Alabama locations.
American Esoteric Laboratories acknowledged the "data security incident" that could impact patients' data security.
An AEL employee's company-issued laptop was stolen that contained sensitive information about some AEI patients and their payment guarantors.
Upon learning of the incident, AEL disabled the affected employee's email account, disabled the stolen laptop's access to its computer network, and reported the laptop theft to the local police.
The laptop, includes "names, addresses, Social Security numbers, dates of birth, health insurance information, and/or medical treatment information."
Source: https://www.al.com/news/birmingham/2018/04/data_breach_could_impact_some.html
TPRM report: https://scoringcyber.rankiteo.com/company/american-esoterics-laboratories
"id": "ame191822622",
"linkid": "american-esoterics-laboratories",
"type": "Breach",
"date": "04/2018",
"severity": "100",
"impact": "",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': 'Healthcare',
'location': 'Alabama',
'name': 'American Esoteric Laboratories',
'type': 'Medical Laboratory Chain'}],
'attack_vector': 'Physical Theft',
'data_breach': {'personally_identifiable_information': ['names',
'addresses',
'Social Security '
'numbers',
'dates of birth'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['personal information',
'protected health information']},
'description': 'A data breach has resulted in exposing the personal and '
'protected health information of patients of a medical lab '
"chain with multiple Alabama locations. An AEL employee's "
'company-issued laptop was stolen that contained sensitive '
'information about some AEI patients and their payment '
'guarantors.',
'impact': {'data_compromised': ['names',
'addresses',
'Social Security numbers',
'dates of birth',
'health insurance information',
'medical treatment information']},
'response': {'containment_measures': ["Disabled the affected employee's email "
'account',
"Disabled the stolen laptop's access to "
'its computer network'],
'law_enforcement_notified': True},
'title': 'Data Breach at American Esoteric Laboratories',
'type': 'Data Breach',
'vulnerability_exploited': 'Unsecured Laptop'}