Universal Care, Inc. dba Brand New Day (BND) suffered from a data breach incident in this an unauthorized individual gained access to electronic files stored on computer systems maintained by a third-party vendor that provides patient management software applications to BND and its providers.
The compromised data contained name, date of birth, Medicare ID number, address, and phone number.
They investigated the incident and determined that the files stored by the third-party vendor contained personal information on BND members.
Source: https://www.databreaches.net/brand-new-day-notifies-14005-patients-after-breach-at-vendor/
TPRM report: https://scoringcyber.rankiteo.com/company/brandnewdayhealthplan
"id": "bra115730722",
"linkid": "brandnewdayhealthplan",
"type": "Data Leak",
"date": "03/2017",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Healthcare',
'name': 'Brand New Day (BND)',
'type': 'Healthcare Provider'}],
'attack_vector': 'Unauthorized Access',
'data_breach': {'personally_identifiable_information': ['Name',
'Date of Birth',
'Medicare ID Number',
'Address',
'Phone Number'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal Information']},
'description': 'Universal Care, Inc. dba Brand New Day (BND) suffered from a '
'data breach incident where an unauthorized individual gained '
'access to electronic files stored on computer systems '
'maintained by a third-party vendor that provides patient '
'management software applications to BND and its providers.',
'impact': {'data_compromised': ['Name',
'Date of Birth',
'Medicare ID Number',
'Address',
'Phone Number']},
'threat_actor': 'Unauthorized Individual',
'title': 'Brand New Day Data Breach',
'type': 'Data Breach'}