Concord Hospital Health System

Concord Hospital Health System

Concord Hospital through its routine auditing, detected that an employee had improperly accessed 40 patients’ records, 13 of which had Social Security Numbers in the files.

The individuals were mostly relatives, friends, and acquaintances. The hospital discovered the breach on May 11 and notified those whose records were improperly accessed.

Source: https://www.databreaches.net/concord-hospital-reports-audit-revealed-improper-records-access-by-employee/

TPRM report: https://scoringcyber.rankiteo.com/company/concord-hospital

"id": "con232621123",
"linkid": "concord-hospital",
"type": "Breach",
"date": "07/2011",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'customers_affected': [40],
                        'industry': 'Healthcare',
                        'location': 'Concord, NH',
                        'name': 'Concord Hospital',
                        'type': 'Healthcare'}],
 'attack_vector': 'Internal Employee Access',
 'data_breach': {'number_of_records_exposed': 40,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Patient Records',
                                              'Social Security Numbers']},
 'date_detected': '2023-05-11',
 'description': 'Concord Hospital detected that an employee had improperly '
                'accessed 40 patients’ records, 13 of which had Social '
                'Security Numbers in the files. The individuals were mostly '
                'relatives, friends, and acquaintances. The hospital '
                'discovered the breach on May 11 and notified those whose '
                'records were improperly accessed.',
 'impact': {'data_compromised': ['Patient Records', 'Social Security Numbers']},
 'motivation': 'Unknown',
 'references': [{'source': 'Concord Hospital'}],
 'response': {'communication_strategy': 'Notified affected individuals'},
 'threat_actor': 'Employee',
 'title': 'Improper Access to Patient Records at Concord Hospital',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Improper Access Controls'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.