HealthStream

HealthStream

An IT specialist has found that around 10,000 doctors' internet contact information was left vulnerable by the US healthcare company Health Stream.

Ten days earlier, Wethern informed Health Stream of his discovery, stating that the data were hosted on one of the websites that had been taken down.

Shortly after Wethern revealed the data leak, the website containing the medics' records was taken down, but the compromised material is still accessible through various internet caches.

Threat actors may utilise compromised data to initiate a spear phishing attack on Health Stream physicians.

Source: https://securityaffairs.com/71669/data-breach/health-stream-data-leak.html

TPRM report: https://scoringcyber.rankiteo.com/company/healthstream

"id": "hea337251223",
"linkid": "healthstream",
"type": "Data Leak",
"date": "04/2018",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'customers_affected': '10,000 Doctors',
                        'industry': 'Healthcare',
                        'location': 'United States',
                        'name': 'Health Stream',
                        'type': 'Healthcare Company'}],
 'attack_vector': 'Exposed Data',
 'data_breach': {'number_of_records_exposed': '10,000',
                 'personally_identifiable_information': 'Internet Contact '
                                                        'Information',
                 'sensitivity_of_data': 'Moderate',
                 'type_of_data_compromised': 'Internet Contact Information'},
 'description': "An IT specialist discovered that around 10,000 doctors' "
                'internet contact information was left vulnerable by the US '
                'healthcare company Health Stream.',
 'impact': {'brand_reputation_impact': 'Negative',
            'data_compromised': 'Internet Contact Information of Doctors',
            'identity_theft_risk': 'High'},
 'response': {'containment_measures': 'Website Takedown'},
 'title': 'Health Stream Data Leak',
 'type': 'Data Leak',
 'vulnerability_exploited': 'Exposed Data on Website'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.