Baptist Health Louisville

In Kentucky, Baptist Health Louisville recently informed 880 patients of a phishing attack.

The U.S. Department of Health and Human Services was also informed about the incident.

Baptist Health immediately shut down the employee's email accounts and changed the passwords. After a comprehensive investigation, however, it was unable to completely exclude the possibility that the employee's communications had been seen by an unauthorised third party.

The affected employee's email accounts were then examined by Baptist Health, which confirmed that some of the emails did indeed contain patient information.

The compromised information includes names, dates of birth, medical record numbers, treatment and/or clinical information, and in some cases, Social Security numbers.

A free year of credit monitoring and identity protection is being made available to patients whose Social Security numbers may have been at risk.

Source: https://www.databreaches.net/baptist-health-louisville-notifies-880-patients-after-phishing-incident/

TPRM report: https://www.rankiteo.com/company/baptist-health-louisville

"id": "bap0106323",
"linkid": "baptist-health-louisville",
"type": "Data Leak",
"date": "6/2017",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'customers_affected': 880,
                        'industry': 'Healthcare',
                        'location': 'Kentucky, USA',
                        'name': 'Baptist Health Louisville',
                        'type': 'Healthcare Provider'}],
 'attack_vector': 'Phishing Email',
 'data_breach': {'number_of_records_exposed': 880,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Names',
                                              'Dates of Birth',
                                              'Medical Record Numbers',
                                              'Treatment and/or Clinical '
                                              'Information',
                                              'Social Security Numbers']},
 'description': 'Baptist Health Louisville recently informed 880 patients of a '
                'phishing attack. The U.S. Department of Health and Human '
                'Services was also informed about the occurrence. After '
                'conducting a comprehensive investigation and immediately '
                "shutting down the employee's email accounts and changing the "
                'passwords, Baptist Health was unable to completely exclude '
                "the possibility that the employee's communications had been "
                "seen by an unauthorised third party. The affected employee's "
                'email accounts were then examined by Baptist Health, which '
                'confirmed that some of the emails did indeed contain patient '
                'information. The compromised information includes names, '
                'dates of birth, medical record numbers, treatment and/or '
                'clinical information, and in some cases, Social Security '
                'numbers. A free year of credit monitoring and identity '
                'protection is being made available to patients whose Social '
                'Security numbers may have been at risk.',
 'impact': {'data_compromised': ['Names',
                                 'Dates of Birth',
                                 'Medical Record Numbers',
                                 'Treatment and/or Clinical Information',
                                 'Social Security Numbers'],
            'identity_theft_risk': True},
 'initial_access_broker': {'entry_point': 'Phishing Email'},
 'investigation_status': 'Completed',
 'post_incident_analysis': {'corrective_actions': ['Shutting down the '
                                                   "employee's email accounts",
                                                   'Changing the passwords',
                                                   'Free year of credit '
                                                   'monitoring and identity '
                                                   'protection'],
                            'root_causes': 'Phishing Attack'},
 'regulatory_compliance': {'regulatory_notifications': ['U.S. Department of '
                                                        'Health and Human '
                                                        'Services']},
 'response': {'communication_strategy': ['Informed patients',
                                         'Informed U.S. Department of Health '
                                         'and Human Services'],
              'containment_measures': ["Shutting down the employee's email "
                                       'accounts',
                                       'Changing the passwords'],
              'incident_response_plan_activated': True,
              'recovery_measures': ['Free year of credit monitoring and '
                                    'identity protection']},
 'title': 'Baptist Health Louisville Phishing Attack',
 'type': 'Phishing Attack',
 'vulnerability_exploited': 'Human Error / Social Engineering'}