HealthEquity

HealthEquity has notified individuals potentially impacted by a security incident.

A single employee’s email account was accessed by an unauthorized individual that has culminated in the disclosure of protected health information.

As soon as HealthEquity discovered the incident, the unauthorized individual’s access to the mailbox was eliminated and an investigation was initiated to determine the nature and scope of the event.

HealthEquity confirmed that only one email account belonging to a single HealthEquity employee was compromised as a result of human error.

No other HealthEquity systems were impacted or affected.

The email account contained protected health information including names, emails, HealthEquity member IDs, employer names, HealthEquity employer IDs, and healthcare account type, deduction amounts, and Social Security numbers for some Michigan-based employees.

Source: https://www.clickondetroit.com/health/2018/06/13/healthequity-reports-email-breach-that-compromised-health-information/

"id": "HEA12299822",
"linkid": "healthequity",
"type": "Data Leak",
"date": "06/2018",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"