A former employee of Ashley County Medical Center accessed the medical records of patients without authorization.
It compromised the records of 722 patients.
Ashley County Medical Center launched an investigation into the HIPAA violation and determined the nurse had viewed limited patient data for reasons unrelated to the provision of care or treatment.
Patient information was believed to have been accessed out of curiosity.
TPRM report: https://www.rankiteo.com/company/ashley-county-medical-center
"id": "ash201718123",
"linkid": "ashley-county-medical-center",
"type": "Breach",
"date": "6/2017",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'customers_affected': 722,
'industry': 'Healthcare',
'name': 'Ashley County Medical Center',
'type': 'Healthcare Provider'}],
'attack_vector': 'Insider Threat',
'data_breach': {'number_of_records_exposed': 722,
'type_of_data_compromised': 'Patient Records'},
'description': 'A former employee of Ashley County Medical Center accessed '
'the medical records of patients without authorization.',
'impact': {'data_compromised': 'Patient Records'},
'investigation_status': 'Investigation Completed',
'motivation': 'Curiosity',
'post_incident_analysis': {'root_causes': 'Unauthorized Access by Former '
'Employee'},
'regulatory_compliance': {'regulations_violated': 'HIPAA'},
'threat_actor': 'Former Employee',
'title': 'Unauthorized Access to Patient Records at Ashley County Medical '
'Center',
'type': 'Data Breach',
'vulnerability_exploited': 'Unauthorized Access'}