The U.S. Department of Health and Human Services reported on October 19, 2023, that Counseling and Recovery Services of Oklahoma experienced a hacking incident involving email phishing that compromised the protected health information (PHI) of approximately 3,365 individuals. The information exposed included names, addresses, dates of birth, Social Security numbers, lab results, and diagnoses.
Source: https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf
TPRM report: https://www.rankiteo.com/company/crsoktulsa
"id": "crs354071725",
"linkid": "crsoktulsa",
"type": "Breach",
"date": "10/2023",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 3365,
'industry': 'Healthcare',
'location': 'Oklahoma',
'name': 'Counseling and Recovery Services of Oklahoma',
'type': 'Healthcare Provider'}],
'attack_vector': 'Email Phishing',
'data_breach': {'number_of_records_exposed': 3365,
'personally_identifiable_information': ['names',
'addresses',
'dates of birth',
'Social Security '
'numbers'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['PHI']},
'date_publicly_disclosed': '2023-10-19',
'description': 'A hacking incident involving email phishing compromised the '
'protected health information (PHI) of approximately 3,365 '
'individuals.',
'impact': {'data_compromised': ['names',
'addresses',
'dates of birth',
'Social Security numbers',
'lab results',
'diagnoses']},
'references': [{'date_accessed': '2023-10-19',
'source': 'U.S. Department of Health and Human Services'}],
'title': 'Counseling and Recovery Services of Oklahoma Data Breach',
'type': 'Data Breach'}