CorrectCare Integrated Health experienced a data breach resulting from a web server misconfiguration, which exposed two file directories over the Internet without authentication. The breach, occurring from January 22, 2022, to July 7, 2022, impacted approximately 600,000 individuals, predominantly comprised of correctional facility medical claims data. This incident was not reported until November 2022, and led to a class action lawsuit. Settlement was reached at $6.49 million, with Chief Judge Danny C. Reeves granting final approval.
TPRM report: https://scoringcyber.rankiteo.com/company/correctcare-integrated-health
"id": "cor001032225",
"linkid": "correctcare-integrated-health",
"type": "Breach",
"date": "9/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"