The California Attorney General reported a data breach involving HealthEquity, Inc. on November 15, 2018. The breach occurred between September 4, 2018, and October 5, 2018, due to unauthorized access to employee email accounts, potentially exposing sensitive personal information including Social Security numbers. This incident highlights the vulnerability of employee email accounts and the potential for significant data leaks that can compromise sensitive personal information.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-141841
TPRM report: https://www.rankiteo.com/company/healthequity
"id": "hea350080525",
"linkid": "healthequity",
"type": "Breach",
"date": "9/2018",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Healthcare',
'name': 'HealthEquity, Inc.',
'type': 'Company'}],
'attack_vector': 'Unauthorized Access',
'data_breach': {'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Social Security numbers']},
'date_detected': '2018-10-05',
'date_publicly_disclosed': '2018-11-15',
'description': 'Unauthorized access to employee email accounts potentially '
'exposing sensitive personal information including Social '
'Security numbers.',
'impact': {'data_compromised': ['Social Security numbers']},
'references': [{'date_accessed': '2018-11-15',
'source': 'California Attorney General'}],
'title': 'HealthEquity, Inc. Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Employee Email Accounts'}