Unauthorized access to the US healthcare giant Kaiser Permanente's email system exposed the healthcare and personal information of up to 70,000 patients.
The breach exposed patients’ first and last names, medical record numbers, dates of service, and laboratory test result information of the health plan provider.
Kaiser Permanente asked all of its employees to reset their passwords for their email accounts and arranged additional training on safe email practices for all its staff.
TPRM report: https://scoringcyber.rankiteo.com/company/kaiser-permanente
"id": "kai12717622",
"linkid": "kaiser-permanente",
"type": "Breach",
"date": "04/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'customers_affected': 70000,
'industry': 'Healthcare',
'location': 'United States',
'name': 'Kaiser Permanente',
'type': 'Healthcare Provider'}],
'attack_vector': 'Unauthorized Access',
'data_breach': {'number_of_records_exposed': 70000,
'personally_identifiable_information': ['first and last names',
'medical record '
'numbers',
'dates of service',
'laboratory test '
'result information'],
'type_of_data_compromised': ['Healthcare Information',
'Personal Information']},
'description': 'Unauthorized access to the US healthcare giant Kaiser '
"Permanente's email system exposed the healthcare and personal "
'information of up to 70,000 patients. The breach exposed '
'patients’ first and last names, medical record numbers, dates '
'of service, and laboratory test result information of the '
'health plan provider. Kaiser Permanente asked all of its '
'employees to reset their passwords for their email accounts '
'and arranged additional training on safe email practices for '
'all its staff.',
'impact': {'data_compromised': ['first and last names',
'medical record numbers',
'dates of service',
'laboratory test result information'],
'systems_affected': ['email system']},
'response': {'containment_measures': ['Password reset for all employees'],
'remediation_measures': ['Additional training on safe email '
'practices']},
'title': "Unauthorized Access to Kaiser Permanente's Email System",
'type': 'Data Breach'}