Equitas Health

Equitas Health, Inc. learned that they became the victim of a data incident and notified individuals whose information have been affected.

The company conducted an internal investigation which revealed that an unauthorized individual had access to two enterprise email accounts.

They were able to determine that the information of up to 569 affiliated members may have been affected.

The incident have involved members’ names, dates of birth, medical history, treatment or diagnosis information, prescription information, medical record numbers, health provider and health insurance information, and/or health insurance policy numbers.

For a limited number of members, Social Security numbers and driver’s license numbers also have been affected.

Source: https://www.databreaches.net/equitas-health-notifies-569-members-after-discovering-two-employee-email-accounts-had-been-compromised/

TPRM report: https://scoringcyber.rankiteo.com/company/equitas-health

"id": "equ212119323",
"linkid": "equitas-health",
"type": "Data Leak",
"date": "05/2019",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"

{'affected_entities': [{'customers_affected': '569',
                        'industry': 'Healthcare',
                        'name': 'Equitas Health, Inc.',
                        'type': 'Healthcare Provider'}],
 'attack_vector': 'Email Account Compromise',
 'data_breach': {'number_of_records_exposed': '569',
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Names',
                                              'Dates of Birth',
                                              'Medical History',
                                              'Treatment or Diagnosis '
                                              'Information',
                                              'Prescription Information',
                                              'Medical Record Numbers',
                                              'Health Provider Information',
                                              'Health Insurance Information',
                                              'Health Insurance Policy Numbers',
                                              'Social Security Numbers',
                                              'Driver’s License Numbers']},
 'description': 'Equitas Health, Inc. experienced a data incident where an '
                'unauthorized individual accessed two enterprise email '
                'accounts, potentially affecting the information of up to 569 '
                'affiliated members.',
 'impact': {'data_compromised': ['Names',
                                 'Dates of Birth',
                                 'Medical History',
                                 'Treatment or Diagnosis Information',
                                 'Prescription Information',
                                 'Medical Record Numbers',
                                 'Health Provider Information',
                                 'Health Insurance Information',
                                 'Health Insurance Policy Numbers',
                                 'Social Security Numbers',
                                 'Driver’s License Numbers']},
 'initial_access_broker': {'entry_point': 'Email'},
 'threat_actor': 'Unauthorized Individual',
 'title': 'Equitas Health Data Incident',
 'type': 'Data Breach'}