cyber Breach

Kaiser Permanente

Jul 4, 2022 1 min read
Kaiser Permanente

Unauthorized access to the US healthcare giant Kaiser Permanente's email system exposed the healthcare and personal information of up to 70,000 patients.

The breach exposed patients’ first and last names, medical record numbers, dates of service, and laboratory test result information of the health plan provider.

Kaiser Permanente asked all of its employees to reset their passwords for their email accounts and arranged additional training on safe email practices for all its staff.

Source: https://portswigger.net/daily-swig/kaiser-permanente-data-breach-exposed-healthcare-records-of-70-000-patients

TPRM report: https://scoringcyber.rankiteo.com/company/kaiser-permanente

"id": "kai12717622",
"linkid": "kaiser-permanente",
"type": "Breach",
"date": "04/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'customers_affected': 70000,
                        'industry': 'Healthcare',
                        'location': 'United States',
                        'name': 'Kaiser Permanente',
                        'type': 'Healthcare Provider'}],
 'attack_vector': 'Unauthorized Access',
 'data_breach': {'number_of_records_exposed': 70000,
                 'personally_identifiable_information': ['first and last names',
                                                         'medical record '
                                                         'numbers',
                                                         'dates of service',
                                                         'laboratory test '
                                                         'result information'],
                 'type_of_data_compromised': ['Healthcare Information',
                                              'Personal Information']},
 'description': 'Unauthorized access to the US healthcare giant Kaiser '
                "Permanente's email system exposed the healthcare and personal "
                'information of up to 70,000 patients. The breach exposed '
                'patients’ first and last names, medical record numbers, dates '
                'of service, and laboratory test result information of the '
                'health plan provider. Kaiser Permanente asked all of its '
                'employees to reset their passwords for their email accounts '
                'and arranged additional training on safe email practices for '
                'all its staff.',
 'impact': {'data_compromised': ['first and last names',
                                 'medical record numbers',
                                 'dates of service',
                                 'laboratory test result information'],
            'systems_affected': ['email system']},
 'response': {'containment_measures': ['Password reset for all employees'],
              'remediation_measures': ['Additional training on safe email '
                                       'practices']},
 'title': "Unauthorized Access to Kaiser Permanente's Email System",
 'type': 'Data Breach'}
Published by
Harshit Kaur Bhatia
Harshit Kaur Bhatia
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.