On October 5, 2018, the California Office of the Attorney General reported that Gold Coast Health Plan (GCHP) experienced a phishing email attack that compromised an employee's email account, potentially affecting the protected health information of GCHP members between June 18, 2018, and August 1, 2018. The type of information potentially exposed included health plan identification numbers, medical service dates, member names, dates of birth, and medical procedure codes.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-140512
TPRM report: https://www.rankiteo.com/company/goldcoasthealthplan
"id": "gol421072525",
"linkid": "goldcoasthealthplan",
"type": "Breach",
"date": "6/2018",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Healthcare',
'location': 'California',
'name': 'Gold Coast Health Plan',
'type': 'Healthcare Provider'}],
'attack_vector': 'Email',
'data_breach': {'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['health plan identification '
'numbers',
'medical service dates',
'member names',
'dates of birth',
'medical procedure codes']},
'date_detected': '2018-10-05',
'date_publicly_disclosed': '2018-10-05',
'description': "A phishing email attack compromised an employee's email "
'account, potentially affecting the protected health '
'information of GCHP members.',
'impact': {'data_compromised': ['health plan identification numbers',
'medical service dates',
'member names',
'dates of birth',
'medical procedure codes']},
'initial_access_broker': {'entry_point': 'Email'},
'references': [{'date_accessed': '2018-10-05',
'source': 'California Office of the Attorney General'}],
'title': 'Gold Coast Health Plan Phishing Attack',
'type': 'Phishing Attack',
'vulnerability_exploited': 'Human Error'}