cyber Breach

Billings Clinic

May 11, 2023 1 min read
Billings Clinic

An employee’s email account, that contained the protected health information of approximately 8,400 patients of Billings Clinic in Billings, MT has been illegally accessed.

No financial information was accessed, medical records were not obtained, and no Social Security numbers were held in the account.

The breach was restricted to names, dates of birth, contact information, diagnoses, descriptions of medical services supplied, medical record details and internal financial control numbers.

Source: https://www.compliancejunction.com/billings-clinic-worker-has-email-account-hacked-while-overseas/#:~:text=An%20employee's%20email%20account%2C%20that,unusual%20activity%20activated%20an%20alert.

TPRM report: https://scoringcyber.rankiteo.com/company/billings-clinic

"id": "bil2340101122",
"linkid": "billings-clinic",
"type": "Breach",
"date": "07/2018",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'customers_affected': 8400,
                        'industry': 'Healthcare',
                        'location': 'Billings, MT',
                        'name': 'Billings Clinic',
                        'type': 'Healthcare'}],
 'attack_vector': 'Email Account',
 'data_breach': {'number_of_records_exposed': 8400,
                 'personally_identifiable_information': ['names',
                                                         'dates of birth',
                                                         'contact information'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['names',
                                              'dates of birth',
                                              'contact information',
                                              'diagnoses',
                                              'descriptions of medical '
                                              'services supplied',
                                              'medical record details',
                                              'internal financial control '
                                              'numbers']},
 'description': 'An employee’s email account, that contained the protected '
                'health information of approximately 8,400 patients of '
                'Billings Clinic in Billings, MT has been illegally accessed. '
                'No financial information was accessed, medical records were '
                'not obtained, and no Social Security numbers were held in the '
                'account. The breach was restricted to names, dates of birth, '
                'contact information, diagnoses, descriptions of medical '
                'services supplied, medical record details and internal '
                'financial control numbers.',
 'impact': {'data_compromised': ['names',
                                 'dates of birth',
                                 'contact information',
                                 'diagnoses',
                                 'descriptions of medical services supplied',
                                 'medical record details',
                                 'internal financial control numbers']},
 'initial_access_broker': {'entry_point': 'Email Account'},
 'title': 'Billings Clinic Email Account Breach',
 'type': 'Data Breach'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.