Breach cyber

MultiPlan, Inc

Dec 1, 2020 1 min read
MultiPlan, Inc

On August 13, 2021, the Maine Office of the Attorney General disclosed a data breach at MultiPlan, Inc., initially detected on January 27, 2021. The incident stemmed from unauthorized access (hacking), exposing sensitive personal data—specifically Social Security Numbers (SSNs)—of two residents. While the breach’s scale appears limited in terms of affected individuals, the compromise of SSNs poses severe risks, including identity theft, financial fraud, and long-term reputational harm for the victims. The nature of the attack suggests a targeted intrusion, likely exploiting vulnerabilities in MultiPlan’s cybersecurity defenses. As a healthcare cost-management firm handling vast amounts of protected health information (PHI) and personally identifiable information (PII), such breaches undermine trust in the company’s ability to safeguard critical data. The delayed public notification (nearly 7 months after discovery) may further exacerbate regulatory scrutiny and potential legal repercussions under data protection laws like HIPAA or state-level breach notification statutes.

Source: https://www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/d52d7aa2-df5f-4074-83a3-0bc9b47ca641.shtml

TPRM report: https://www.rankiteo.com/company/hstechnology

"id": "hst743082025",
"linkid": "hstechnology",
"type": "Breach",
"date": "12/2020",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 2,
                        'industry': 'Healthcare (Cost Management Solutions)',
                        'location': 'United States',
                        'name': 'MultiPlan, Inc.',
                        'type': 'Corporation'},
                       {'industry': 'Legal/Regulatory',
                        'location': 'Maine, United States',
                        'name': 'Maine Office of the Attorney General',
                        'type': 'Government Agency'}],
 'attack_vector': 'Unauthorized Access (Hacking)',
 'data_breach': {'data_exfiltration': 'Potential',
                 'number_of_records_exposed': 2,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Social Security Numbers']},
 'date_detected': '2021-01-27',
 'date_publicly_disclosed': '2021-08-13',
 'description': 'On August 13, 2021, the Maine Office of the Attorney General '
                'reported a data breach involving MultiPlan, Inc., discovered '
                'on January 27, 2021. The breach resulted from unauthorized '
                'access (hacking) and potentially compromised Social Security '
                'Numbers, affecting 2 residents.',
 'impact': {'data_compromised': ['Social Security Numbers'],
            'identity_theft_risk': 'Potential'},
 'references': [{'date_accessed': '2021-08-13',
                 'source': 'Maine Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': ['Maine Office of the '
                                                        'Attorney General']},
 'title': 'MultiPlan, Inc. Data Breach (2021)',
 'type': 'Data Breach'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.