Ciox Health

Ciox Health reported a data breach involving unauthorized access to an employee's email account between June 24 and July 2, 2021. The breach potentially exposed limited patient information, including names and provider names, but did not include Social Security numbers or financial information. The notification to the affected individuals was made on an unspecified date after the incident was discovered on September 24, 2021.

Source: https://www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/8548fa55-7d5f-42db-868d-c558c781c82f.shtml

TPRM report: https://www.rankiteo.com/company/datavant-ciox

"id": "dat229080425",
"linkid": "datavant-ciox",
"type": "Breach",
"date": "6/2021",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"

{'affected_entities': [{'industry': 'Healthcare',
                        'name': 'Ciox Health',
                        'type': 'Healthcare'}],
 'attack_vector': 'Email Compromise',
 'data_breach': {'personally_identifiable_information': ['Names'],
                 'sensitivity_of_data': 'Low',
                 'type_of_data_compromised': ['Names', 'Provider Names']},
 'date_detected': '2021-09-24',
 'description': 'Ciox Health reported a data breach involving unauthorized '
                "access to an employee's email account between June 24 and "
                'July 2, 2021. The breach potentially exposed limited patient '
                'information, including names and provider names, but did not '
                'include Social Security numbers or financial information. The '
                'notification to the affected individuals was made on an '
                'unspecified date after the incident was discovered on '
                'September 24, 2021.',
 'impact': {'data_compromised': ['Names', 'Provider Names']},
 'initial_access_broker': {'entry_point': 'Email Compromise'},
 'title': 'Ciox Health Data Breach',
 'type': 'Data Breach'}