Centrelake Medical Group, Inc.

On April 16, 2019, Centrelake Medical Group, Inc. suffered a data breach due to unauthorized access to its information system, discovered on February 19, 2019. The incident compromised the personal and protected health information (PHI) of approximately 195,144 California residents, including highly sensitive data such as names, addresses, and Social Security numbers (SSNs). The breach exposed individuals to risks of identity theft, financial fraud, and potential misuse of their medical records. As a healthcare provider, the exposure of PHI also raised concerns about compliance violations under HIPAA (Health Insurance Portability and Accountability Act), which mandates strict safeguards for patient data. The breach not only threatened the privacy of affected individuals but also eroded trust in the organization’s ability to secure sensitive information. The scale of the incident impacting nearly 200,000 people highlighted systemic vulnerabilities in Centrelake’s cybersecurity defenses, with potential long-term reputational and legal repercussions.

Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-146402

TPRM report: https://www.rankiteo.com/company/centrelake-imaging

"id": "cen442082825",
"linkid": "centrelake-imaging",
"type": "Breach",
"date": "1/2019",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"

{'affected_entities': [{'customers_affected': '195,144',
                        'industry': 'Healthcare',
                        'location': 'California, USA',
                        'name': 'Centrelake Medical Group, Inc.',
                        'type': 'Healthcare Provider'}],
 'data_breach': {'number_of_records_exposed': '195,144',
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal Information (names, '
                                              'addresses)',
                                              'Protected Health Information '
                                              '(PHI)',
                                              'Social Security Numbers '
                                              '(SSNs)']},
 'date_detected': '2019-02-19',
 'date_publicly_disclosed': '2019-04-16',
 'description': "Unauthorized access to Centrelake Medical Group's information "
                'system, exposing personal and protected health information of '
                '195,144 California residents, including names, addresses, and '
                'Social Security numbers.',
 'impact': {'data_compromised': ['Personal Information',
                                 'Protected Health Information (PHI)'],
            'identity_theft_risk': 'High (SSNs exposed)',
            'systems_affected': ['Information System']},
 'references': [{'date_accessed': '2019-04-16',
                 'source': 'California Office of the Attorney General'}],
 'regulatory_compliance': {'regulations_violated': ['Potentially HIPAA (Health '
                                                    'Insurance Portability and '
                                                    'Accountability Act)',
                                                    'California Consumer '
                                                    'Privacy Act (CCPA)'],
                           'regulatory_notifications': ['California Office of '
                                                        'the Attorney '
                                                        'General']},
 'title': 'Centrelake Medical Group, Inc. Data Breach (2019)',
 'type': 'Data Breach'}