The California Office of the Attorney General reported a data breach involving HealthEquity on January 25, 2016. The breach occurred on December 11, 2015, due to an employee inadvertently sending an email that included personal information, specifically names and Social Security numbers. This incident highlights the risks associated with human error in handling sensitive data, as it resulted in the unauthorized disclosure of personal information.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-59797
TPRM report: https://www.rankiteo.com/company/healthequity
"id": "hea537072725",
"linkid": "healthequity",
"type": "Breach",
"date": "12/2015",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Healthcare',
'name': 'HealthEquity',
'type': 'Company'}],
'attack_vector': 'Email',
'data_breach': {'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Social Security numbers']},
'date_detected': '2015-12-11',
'date_publicly_disclosed': '2016-01-25',
'description': 'An employee inadvertently sent an email that included '
'personal information, specifically names and Social Security '
'numbers.',
'impact': {'data_compromised': ['Names', 'Social Security numbers']},
'post_incident_analysis': {'root_causes': 'Human Error'},
'references': [{'date_accessed': '2016-01-25',
'source': 'California Office of the Attorney General'}],
'title': 'HealthEquity Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Human Error'}