EyeSouth Partners recently suffered a security incident that potentially affected the protected health information of Georgia Eye Associates patients.
It was found that an unknown individual had access to one EyeSouth employee email account.
EyeSouth immediately launched an investigation, confirmed the security of its system, and implemented procedures designed to enhance the effectiveness of its information security safeguards.
EyeSouth determined that compromised information includes the name, patient ID number telephone number, email address, name of the health insurance carrier, and account balance information of some Georgia Eye Associates patients.
TPRM report: https://scoringcyber.rankiteo.com/company/eyesouth-partners
"id": "eye202921223",
"linkid": "eyesouth-partners",
"type": "Data Leak",
"date": "02/2019",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"
{'affected_entities': [{'customers_affected': 'Some Georgia Eye Associates '
'patients',
'industry': 'Healthcare',
'name': 'EyeSouth Partners',
'type': 'Healthcare Provider'}],
'attack_vector': 'Email Account Compromise',
'data_breach': {'personally_identifiable_information': ['Name',
'Patient ID number',
'Telephone number',
'Email address'],
'sensitivity_of_data': 'Protected Health Information',
'type_of_data_compromised': ['Name',
'Patient ID number',
'Telephone number',
'Email address',
'Name of the health insurance '
'carrier',
'Account balance information']},
'description': 'EyeSouth Partners recently suffered a security incident that '
'potentially affected the protected health information of '
'Georgia Eye Associates patients. It was found that an unknown '
'individual had access to one EyeSouth employee email account.',
'impact': {'data_compromised': ['Name',
'Patient ID number',
'Telephone number',
'Email address',
'Name of the health insurance carrier',
'Account balance information']},
'initial_access_broker': {'entry_point': 'Email Account'},
'response': {'containment_measures': 'Confirmed the security of its system',
'remediation_measures': 'Implemented procedures designed to '
'enhance the effectiveness of its '
'information security safeguards'},
'threat_actor': 'Unknown individual',
'title': 'EyeSouth Partners Security Incident',
'type': 'Data Breach',
'vulnerability_exploited': 'Unknown'}