Breach cyber

Academic HealthPlans, Inc.

Aug 6, 2020 1 min read
Academic HealthPlans, Inc.

In July 2021, the Maine Office of the Attorney General disclosed a data breach at Academic HealthPlans, Inc. (AHP), stemming from a phishing attack that compromised employees' email accounts between August 6, 2020, and August 24, 2020. The breach exposed sensitive information, potentially affecting three Maine residents, though the exact nature of the leaked data (e.g., personal, financial, or health-related) was not explicitly detailed. AHP responded by offering two years of identity theft protection services to the impacted individuals, suggesting the compromised data could enable fraud or identity theft. The incident highlights vulnerabilities in email security protocols, as unauthorized access was gained through deceptive phishing tactics, leading to a prolonged exposure window before detection. While the scale appears limited, the breach underscores risks associated with employee-targeted cyber intrusions in healthcare-adjacent organizations.

Source: https://www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/445ed3e7-d998-477f-9381-b5c49c0283fb.shtml

TPRM report: https://www.rankiteo.com/company/brandorastudio

"id": "bra434090725",
"linkid": "brandorastudio",
"type": "Breach",
"date": "8/2020",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'customers_affected': 3,
                        'industry': 'Healthcare',
                        'name': 'Academic HealthPlans, Inc. (AHP)',
                        'type': 'Organization'}],
 'attack_vector': 'Phishing',
 'customer_advisories': ['Identity theft protection services offered to '
                         'affected individuals for two years'],
 'data_breach': {'data_exfiltration': True,
                 'personally_identifiable_information': True},
 'date_publicly_disclosed': '2021-07-23',
 'description': 'On July 23, 2021, the Maine Office of the Attorney General '
                'reported a data breach involving Academic HealthPlans, Inc. '
                '(AHP) that may have affected three Maine residents. The '
                "breach involved unauthorized access to AHP employees' email "
                'accounts due to a phishing incident that occurred between '
                'August 6, 2020, and August 24, 2020. Identity theft '
                'protection services have been offered to affected individuals '
                'for two years.',
 'impact': {'data_compromised': True,
            'identity_theft_risk': True,
            'systems_affected': ['Email accounts']},
 'initial_access_broker': {'entry_point': 'Phishing (email accounts)'},
 'references': [{'source': 'Maine Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': ['Maine Office of the '
                                                        'Attorney General']},
 'response': {'remediation_measures': ['Offered identity theft protection '
                                       'services for two years to affected '
                                       'individuals']},
 'title': 'Data Breach at Academic HealthPlans, Inc. (AHP) Due to Phishing '
          'Incident',
 'type': 'Data Breach'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.