Georgia Department of Human Services

The unauthorized individuals gained access to the mail accounts of several employees of the Georgia Department of Human Services.

The personal and protected health information of parents and children who were involved in Child Protective Services (CPS) cases with the DHS was linked with the accounts.

A variety of data of about 45,732 individuals was exposed in the attack.

Source: https://www.hipaajournal.com/228000-individuals-impacted-by-legacy-community-health-services-phishing-attack/

TPRM report: https://scoringcyber.rankiteo.com/company/georgiadhs

"id": "geo23568222",
"linkid": "georgiadhs",
"type": "Breach",
"date": "05/2020",
"severity": "80",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 45732,
                        'industry': 'Human Services',
                        'location': 'Georgia, USA',
                        'name': 'Georgia Department of Human Services',
                        'type': 'Government Agency'}],
 'attack_vector': 'Email Compromise',
 'data_breach': {'number_of_records_exposed': 45732,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal Information',
                                              'Protected Health Information']},
 'description': 'Unauthorized individuals gained access to the mail accounts '
                'of several employees of the Georgia Department of Human '
                'Services, exposing personal and protected health information '
                'of parents and children involved in Child Protective Services '
                '(CPS) cases.',
 'impact': {'data_compromised': ['Personal Information',
                                 'Protected Health Information'],
            'systems_affected': ['Email Accounts']},
 'title': 'Unauthorized Access to Georgia DHS Employee Mail Accounts',
 'type': 'Data Breach'}