cyber Cyber Attack

Aurora Health Care

May 11, 2023 1 min read
Aurora Health Care

Hackers had stolen personal information from patients at Aurora Medical Center Bay Area.

An email phishing scam around January 1 was used to gain access to the email accounts of several of hospital's employee.

The hackers didn’t get into the hospital's electronic health records system, but they had access to patient’s personal and health information through employee emails.

Information included a patient’s first and last name, maiden name ,marital status,date of birth,street address ,Email address and phone number ,dates of admission,discharge, or treatment ,social security number,medical record number,health insurance account number,medical device number,drivers license number,passport number,bank account numbers,full face photograph.

Source: https://www.greenbaypressgazette.com/story/news/2020/04/17/aurora-health-hackers-may-have-accessed-patients-personal-information/5152983002/

TPRM report: https://scoringcyber.rankiteo.com/company/aurora-health-care

"id": "aur1248291222",
"linkid": "aurora-health-care",
"type": "Data Leak",
"date": "01/2020",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Healthcare',
                        'name': 'Aurora Medical Center Bay Area',
                        'type': 'Hospital'}],
 'attack_vector': 'Phishing',
 'data_breach': {'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal Information',
                                              'Health Information']},
 'date_detected': '2023-01-01',
 'description': 'Hackers had stolen personal information from patients at '
                'Aurora Medical Center Bay Area through an email phishing '
                'scam.',
 'impact': {'data_compromised': ['Patient’s first and last name',
                                 'Maiden name',
                                 'Marital status',
                                 'Date of birth',
                                 'Street address',
                                 'Email address',
                                 'Phone number',
                                 'Dates of admission, discharge, or treatment',
                                 'Social security number',
                                 'Medical record number',
                                 'Health insurance account number',
                                 'Medical device number',
                                 "Driver's license number",
                                 'Passport number',
                                 'Bank account numbers',
                                 'Full face photograph'],
            'systems_affected': 'Employee Email Accounts'},
 'initial_access_broker': {'entry_point': 'Email Phishing'},
 'motivation': 'Data Theft',
 'post_incident_analysis': {'root_causes': 'Phishing Attack'},
 'threat_actor': 'Unknown Hackers',
 'title': 'Data Breach at Aurora Medical Center Bay Area',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Email Accounts'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.