In July 2023, Example Healthcare Inc. reported a significant data breach impacting 600,000 individuals. The breach was traced back to a sophisticated malware attack that exploited an unpatched vulnerability in the company's email system. Personal health information, including medical histories, health insurance details, and personally identifiable information (PII) such as names, addresses, and Social Security numbers were compromised. The breach was discovered when abnormal activities were detected by the internal security systems, prompting an immediate investigation. The company has since taken measures to reinforce its cyber defenses, including the deployment of advanced malware detection tools and employee training programs to recognize phishing attempts.
Source: https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf
TPRM report: https://scoringcyber.rankiteo.com/company/example-healthcare-inc
"id": "exa211050824",
"linkid": "example-healthcare-inc",
"type": "Breach",
"date": "07/2023",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 600000,
'industry': 'Healthcare',
'name': 'Example Healthcare Inc.',
'type': 'Healthcare'}],
'attack_vector': 'Malware',
'data_breach': {'number_of_records_exposed': 600000,
'personally_identifiable_information': ['Names',
'Addresses',
'Social Security '
'numbers'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal health information',
'Medical histories',
'Health insurance details',
'Personally identifiable '
'information (PII)',
'Names',
'Addresses',
'Social Security numbers']},
'date_detected': 'July 2023',
'date_publicly_disclosed': 'July 2023',
'description': 'In July 2023, Example Healthcare Inc. reported a significant '
'data breach impacting 600,000 individuals. The breach was '
'traced back to a sophisticated malware attack that exploited '
"an unpatched vulnerability in the company's email system. "
'Personal health information, including medical histories, '
'health insurance details, and personally identifiable '
'information (PII) such as names, addresses, and Social '
'Security numbers were compromised. The breach was discovered '
'when abnormal activities were detected by the internal '
'security systems, prompting an immediate investigation. The '
'company has since taken measures to reinforce its cyber '
'defenses, including the deployment of advanced malware '
'detection tools and employee training programs to recognize '
'phishing attempts.',
'impact': {'data_compromised': ['Personal health information',
'Medical histories',
'Health insurance details',
'Personally identifiable information (PII)',
'Names',
'Addresses',
'Social Security numbers'],
'systems_affected': 'Email system'},
'post_incident_analysis': {'corrective_actions': ['Deployment of advanced '
'malware detection tools',
'Employee training programs '
'to recognize phishing '
'attempts'],
'root_causes': 'Unpatched vulnerability in the '
'email system'},
'response': {'remediation_measures': ['Deployment of advanced malware '
'detection tools',
'Employee training programs to '
'recognize phishing attempts']},
'title': 'Example Healthcare Inc. Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Unpatched vulnerability in the email system'}