Health Quest

Health Quest

Health Quest's employees fell victim to phishing attacks in July 2018 which resulted in the breach of the protected health information of its customers.

The breached information included patient names, health insurance claims information, diagnoses, treatments, dates of service, provider names, and other information related to medical services that were contained in the impacted employee email accounts and their attachments.

Health Quest Affiliates investigated the incident and notified the affected patients.

Source: https://healthitsecurity.com/news/health-quest-reports-phishing-attack-related-breach-from-2018

TPRM report: https://scoringcyber.rankiteo.com/company/health-quest

"id": "hea224291022",
"linkid": "health-quest",
"type": "Breach",
"date": "07/2018",
"severity": "60",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Healthcare',
                        'name': 'Health Quest',
                        'type': 'Healthcare Provider'}],
 'attack_vector': 'Phishing',
 'customer_advisories': 'Notified affected patients',
 'data_breach': {'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['protected health information',
                                              'patient names',
                                              'health insurance claims '
                                              'information',
                                              'diagnoses',
                                              'treatments',
                                              'dates of service',
                                              'provider names',
                                              'other information related to '
                                              'medical services']},
 'date_detected': '2018-07-01',
 'description': "Health Quest's employees fell victim to phishing attacks in "
                'July 2018 which resulted in the breach of the protected '
                'health information of its customers. The breached information '
                'included patient names, health insurance claims information, '
                'diagnoses, treatments, dates of service, provider names, and '
                'other information related to medical services that were '
                'contained in the impacted employee email accounts and their '
                'attachments. Health Quest Affiliates investigated the '
                'incident and notified the affected patients.',
 'impact': {'data_compromised': ['patient names',
                                 'health insurance claims information',
                                 'diagnoses',
                                 'treatments',
                                 'dates of service',
                                 'provider names',
                                 'other information related to medical '
                                 'services']},
 'initial_access_broker': {'entry_point': 'Phishing'},
 'investigation_status': 'Completed',
 'post_incident_analysis': {'root_causes': 'Phishing attacks on employees'},
 'response': {'communication_strategy': 'Notified affected patients'},
 'title': 'Health Quest Phishing Incident',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Human'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.