Vulnerability cyber

CorrectCare Integrated Health

Oct 2, 2024 1 min read
CorrectCare Integrated Health

CorrectCare Integrated Health, a medical claims processor for correctional facilities in Kentucky, experienced a significant cybersecurity breach. The incident, which went undetected from January 22, 2022, to July 7, 2022, led to unauthorized Internet access to two file directories due to a web server misconfiguration. This data breach impacted approximately 600,000 individuals and the disclosure delay until November 2022 resulted in a class action lawsuit that was settled for $6.49 million. Over 100,000 claims were filed, highlighting the extensive nature of the breach and its repercussions.

Source: https://www.hcinnovationgroup.com/cybersecurity/data-breaches/news/55142702/correctcare-data-breach-lawsuit-settles-for-69-million

TPRM report: https://scoringcyber.rankiteo.com/company/correctcare-integrated-health

"id": "cor000100224",
"linkid": "correctcare-integrated-health",
"type": "Vulnerability",
"date": "9/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '600,000 individuals',
                        'industry': 'Healthcare',
                        'location': 'Kentucky',
                        'name': 'CorrectCare Integrated Health',
                        'type': 'Company'}],
 'attack_vector': 'Web Server Misconfiguration',
 'data_breach': {'number_of_records_exposed': '600,000'},
 'date_detected': '2022-07-07',
 'date_publicly_disclosed': '2022-11-01',
 'description': 'CorrectCare Integrated Health, a medical claims processor for '
                'correctional facilities in Kentucky, experienced a '
                'significant cybersecurity breach. The incident went '
                'undetected from January 22, 2022, to July 7, 2022, leading to '
                'unauthorized Internet access to two file directories due to a '
                'web server misconfiguration. This data breach impacted '
                'approximately 600,000 individuals and the disclosure delay '
                'until November 2022 resulted in a class action lawsuit that '
                'was settled for $6.49 million. Over 100,000 claims were '
                'filed, highlighting the extensive nature of the breach and '
                'its repercussions.',
 'impact': {'data_compromised': 'Two file directories',
            'financial_loss': '$6.49 million',
            'legal_liabilities': 'Class action lawsuit'},
 'post_incident_analysis': {'root_causes': 'Web Server Misconfiguration'},
 'regulatory_compliance': {'legal_actions': 'Class action lawsuit settled for '
                                            '$6.49 million'},
 'title': 'CorrectCare Integrated Health Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Web Server Misconfiguration'}
Published by
Jeremy C
Jeremy C
You might also like
Vulnerability cyber

SBI

public 1 min read
A significant security flaw identified in the YONO SBI banking application exposes millions of users to cybersecurity threats. The vulnerability,…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.