cyber Breach

Carle Health

May 5, 2023 1 min read
Carle Health

Carle health system suffered from a data breach incident due to a vendor error in August 2016.

The compromised file included information like patients’ names, medical record numbers, dates of service, reasons for visits, names of physicians, Carle account numbers, and diagnosis and treatment codes.

No social security numbers and financial information were included in the files.

Carle health investigated the incident and asked vendors to re-enforce education regarding the secure transfer of patient information.

Source: https://www.databreaches.net/carle-health-system-warns-of-data-breach-due-to-vendor-error/

TPRM report: https://scoringcyber.rankiteo.com/company/carle-foundation-hospital

"id": "car0423622",
"linkid": "carle-foundation-hospital",
"type": "Breach",
"date": "08/2016",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Healthcare',
                        'name': 'Carle Health System',
                        'type': 'Healthcare'}],
 'attack_vector': 'Vendor Error',
 'data_breach': {'sensitivity_of_data': 'Medium',
                 'type_of_data_compromised': ["Patients' names",
                                              'Medical record numbers',
                                              'Dates of service',
                                              'Reasons for visits',
                                              'Names of physicians',
                                              'Carle account numbers',
                                              'Diagnosis and treatment codes']},
 'date_detected': '2016-08',
 'description': 'Carle Health System experienced a data breach in August 2016 '
                'due to a vendor error. The compromised file included patient '
                'information such as names, medical record numbers, dates of '
                'service, reasons for visits, names of physicians, Carle '
                'account numbers, and diagnosis and treatment codes. No social '
                'security numbers or financial information were included. '
                'Carle Health investigated the incident and emphasized secure '
                'transfer of patient information to vendors.',
 'impact': {'data_compromised': ["Patients' names",
                                 'Medical record numbers',
                                 'Dates of service',
                                 'Reasons for visits',
                                 'Names of physicians',
                                 'Carle account numbers',
                                 'Diagnosis and treatment codes']},
 'post_incident_analysis': {'corrective_actions': 'Re-enforce education '
                                                  'regarding the secure '
                                                  'transfer of patient '
                                                  'information',
                            'root_causes': 'Vendor error'},
 'response': {'remediation_measures': 'Re-enforce education regarding the '
                                      'secure transfer of patient information'},
 'title': 'Carle Health System Data Breach',
 'type': 'Data Breach'}
Published by
Roshni Ray
Roshni Ray
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.