On **April 2, 2025**, the **Maine Office of the Attorney General** disclosed a **data breach** involving **Gilead Sciences, Inc.**, stemming from an **inadvertent mailing error** by **Billing Document Specialists**. The incident, detected on **February 18, 2025**, resulted in the **unauthorized disclosure of sensitive personal information**—specifically **Social Security numbers**—of **12,224 individuals**, including **4 residents in California**. The breach occurred due to a **procedural failure in handling physical mail**, leading to the exposure of **confidential financial identifiers** without evidence of malicious cyber activity or further exploitation. While the exposed data carries **high sensitivity**, there were **no reports of identity theft, financial fraud, or systemic compromise** linked to the incident. The company likely initiated **remediation measures**, such as notifications to affected parties and regulatory bodies, but the breach’s scope remained **contained to document mishandling** rather than a targeted cyberattack or systemic vulnerability exploitation.
TPRM report: https://www.rankiteo.com/company/gilead-sciences
"id": "gil957091725",
"linkid": "gilead-sciences",
"type": "Breach",
"date": "2/2025",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'customers_affected': '12,224 individuals (including 4 '
'residents in California)',
'industry': 'Biopharmaceutical',
'location': 'United States',
'name': 'Gilead Sciences, Inc.',
'type': 'Corporation'},
{'industry': 'Document Processing',
'name': 'Billing Document Specialists',
'type': 'Third-Party Vendor'}],
'attack_vector': 'Human Error (Mailing Error)',
'data_breach': {'data_exfiltration': 'No (inadvertent disclosure via mailing '
'error)',
'number_of_records_exposed': '12,224',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High (Personally Identifiable '
'Information)',
'type_of_data_compromised': ['Social Security numbers']},
'date_detected': '2025-02-18',
'date_publicly_disclosed': '2025-04-02',
'description': 'The Maine Office of the Attorney General reported a data '
'breach involving Gilead Sciences, Inc. The breach occurred '
"due to an inadvertent disclosure of 12,224 individuals' "
'information, including Social Security numbers, through a '
'mailing error by Billing Document Specialists. The incident '
'affected 4 residents in California.',
'impact': {'brand_reputation_impact': 'Potential reputational harm due to '
'exposure of sensitive personal data',
'data_compromised': ['Social Security numbers'],
'identity_theft_risk': 'High (due to exposure of Social Security '
'numbers)'},
'post_incident_analysis': {'root_causes': 'Human error by third-party vendor '
'(Billing Document Specialists) '
'leading to inadvertent disclosure '
'of sensitive data via mail.'},
'references': [{'date_accessed': '2025-04-02',
'source': 'Maine Office of the Attorney General'}],
'regulatory_compliance': {'regulatory_notifications': 'Maine Office of the '
'Attorney General'},
'response': {'communication_strategy': 'Public disclosure via Maine Office of '
'the Attorney General'},
'title': 'Gilead Sciences, Inc. Data Breach via Mailing Error',
'type': 'Data Breach'}