Beacon Health System suffered from a data breach incident after that an employee accessed 1200 patient records without authorization.
The compromised information includes first and last name, Social Security number, age, diagnosis, room number, acuity of illness, chief complaint, and potentially financial account information and/or health insurance coverage information.
They conducted an investigation into the occurrence and put strong security measures in place to safeguard the privacy of the information we possess.
To lessen the risk that a similar occurrence would occur in the future, Beacon is revising its employee training programs and putting new policies into place.
Source: https://www.databreaches.net/beacon-health-system-notifies-1200-patients-of-employee-wrong-doing/
TPRM report: https://scoringcyber.rankiteo.com/company/beacon-health-system
"id": "bea16723922",
"linkid": "beacon-health-system",
"type": "Breach",
"date": "05/2017",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'customers_affected': 1200,
'industry': 'Healthcare',
'name': 'Beacon Health System',
'type': 'Healthcare'}],
'attack_vector': 'Insider Threat',
'data_breach': {'number_of_records_exposed': 1200,
'personally_identifiable_information': ['first and last name',
'Social Security '
'number',
'age',
'diagnosis',
'room number',
'acuity of illness',
'chief complaint',
'financial account '
'information',
'health insurance '
'coverage '
'information'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['first and last name',
'Social Security number',
'age',
'diagnosis',
'room number',
'acuity of illness',
'chief complaint',
'financial account information',
'health insurance coverage '
'information']},
'description': 'Beacon Health System suffered from a data breach incident '
'after an employee accessed 1200 patient records without '
'authorization.',
'impact': {'data_compromised': ['first and last name',
'Social Security number',
'age',
'diagnosis',
'room number',
'acuity of illness',
'chief complaint',
'financial account information',
'health insurance coverage information']},
'post_incident_analysis': {'corrective_actions': ['revising its employee '
'training programs',
'putting new policies into '
'place']},
'response': {'remediation_measures': ['revising its employee training '
'programs',
'putting new policies into place']},
'threat_actor': 'Employee',
'title': 'Beacon Health System Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Unauthorized Access'}