DCH Health System in Alabama suffered a data breach incident after an employee improperly accessed 2,530 patients' records.
The data accessed included patients’ names, addresses, date of birth, social security numbers, date of encounter, diagnoses, vital signs, medications, test results, and clinical/provider notes.
The employee was suspended immediately upon detection of improper access.
TPRM report: https://scoringcyber.rankiteo.com/company/dch-health-system
"id": "dch232221123",
"linkid": "dch-health-system",
"type": "Data Leak",
"date": "01/2023",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 2530,
'industry': 'Healthcare',
'location': 'Alabama',
'name': 'DCH Health System',
'type': 'Healthcare Provider'}],
'attack_vector': 'Insider Threat',
'data_breach': {'number_of_records_exposed': 2530,
'personally_identifiable_information': ['names',
'addresses',
'date of birth',
'social security '
'numbers'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Patient Information']},
'description': 'DCH Health System in Alabama suffered a data breach incident '
"after an employee improperly accessed 2,530 patients' "
'records. The data accessed included patients’ names, '
'addresses, date of birth, social security numbers, date of '
'encounter, diagnoses, vital signs, medications, test results, '
'and clinical/provider notes. The employee was suspended '
'immediately upon detection of improper access.',
'impact': {'data_compromised': ['names',
'addresses',
'date of birth',
'social security numbers',
'date of encounter',
'diagnoses',
'vital signs',
'medications',
'test results',
'clinical/provider notes']},
'response': {'containment_measures': ['Employee Suspension']},
'threat_actor': 'Internal Employee',
'title': 'Data Breach at DCH Health System',
'type': 'Data Breach',
'vulnerability_exploited': 'Improper Access by Employee'}