California Department of Public Health

California Department of Public Health

The sensitive medical information of citizens of California was exposed by a misconfigured database managed by the California Department of Public Health.

The misconfiguration resulted from an error made by a third-party contractor and led to the breach of names, dates of birth, addresses, and Covid-19-related health information of the citizens.

The department set up a dedicated call center to help out the people of California affected by the breach.

Source: https://portswigger.net/daily-swig/california-public-office-admits-covid-19-healthcare-data-breach

TPRM report: https://scoringcyber.rankiteo.com/company/california-department-of-public-health

"id": "cal184124422",
"linkid": "california-department-of-public-health",
"type": "Breach",
"date": "11/2021",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 'Citizens of California',
                        'industry': 'Healthcare',
                        'location': 'California',
                        'name': 'California Department of Public Health',
                        'type': 'Government Agency'}],
 'attack_vector': 'Misconfigured Database',
 'data_breach': {'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['names',
                                              'dates of birth',
                                              'addresses',
                                              'Covid-19-related health '
                                              'information']},
 'description': 'The sensitive medical information of citizens of California '
                'was exposed by a misconfigured database managed by the '
                'California Department of Public Health. The misconfiguration '
                'resulted from an error made by a third-party contractor and '
                'led to the breach of names, dates of birth, addresses, and '
                'Covid-19-related health information of the citizens. The '
                'department set up a dedicated call center to help out the '
                'people of California affected by the breach.',
 'impact': {'data_compromised': ['names',
                                 'dates of birth',
                                 'addresses',
                                 'Covid-19-related health information']},
 'post_incident_analysis': {'root_causes': 'Misconfiguration by a third-party '
                                           'contractor'},
 'response': {'recovery_measures': 'Dedicated call center set up to help '
                                   'affected individuals'},
 'title': 'California Department of Public Health Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Error by a third-party contractor'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.