cyber Breach

Baystate Health

May 5, 2023 1 min read
Baystate Health

Baystate Health, was targeted in a phishing attack through emails that exposed the personal information 13,000 patients.

The compromised information included patients’ names and dates of birth, diagnosis, treatment received, medical record number and, in some instances, health insurance identification number.

Emails did not contain Social Security numbers, credit card numbers or other financial information.

They reported the incident to law enforcement and immediately took steps to secure the email accounts.

Source: https://www.databreaches.net/ma-information-of-13000-baystate-patients-possibly-compromised-due-to-phishing/

TPRM report: https://scoringcyber.rankiteo.com/company/baystate-health

"id": "bay14465622",
"linkid": "baystate-health",
"type": "Breach",
"date": "08/2016",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 13000,
                        'industry': 'Healthcare',
                        'name': 'Baystate Health',
                        'type': 'Healthcare Provider'}],
 'attack_vector': 'Email',
 'data_breach': {'number_of_records_exposed': 13000,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal Information',
                                              'Health Information']},
 'description': 'Baystate Health was targeted in a phishing attack through '
                'emails that exposed the personal information of 13,000 '
                'patients. The compromised information included patients’ '
                'names and dates of birth, diagnosis, treatment received, '
                'medical record number and, in some instances, health '
                'insurance identification number. Emails did not contain '
                'Social Security numbers, credit card numbers or other '
                'financial information. They reported the incident to law '
                'enforcement and immediately took steps to secure the email '
                'accounts.',
 'impact': {'data_compromised': ['Names',
                                 'Dates of Birth',
                                 'Diagnosis',
                                 'Treatment Received',
                                 'Medical Record Number',
                                 'Health Insurance Identification Number']},
 'initial_access_broker': {'entry_point': 'Email'},
 'response': {'containment_measures': 'Secured email accounts',
              'law_enforcement_notified': True},
 'title': 'Baystate Health Phishing Attack',
 'type': 'Phishing Attack'}
Published by
Roshni Ray
Roshni Ray
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.