The California Office of the Attorney General reported that Kaiser Permanente Health Plan, Inc of Northern California experienced a data breach on November 7, 2016, related to an accidental exposure of protected health information on October 12-13, 2016. The breach allowed member information accessed via kp.org to be mistakenly viewable by other visitors for approximately two hours, although no Social Security numbers or banking information were compromised.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-64764
TPRM report: https://www.rankiteo.com/company/kaiser-permanente
"id": "kai406072625",
"linkid": "kaiser-permanente",
"type": "Breach",
"date": "10/2016",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"{'affected_entities': [{'industry': 'Healthcare',
'location': 'Northern California',
'name': 'Kaiser Permanente Health Plan, Inc of '
'Northern California',
'type': 'Healthcare Provider'}],
'attack_vector': 'Accidental Exposure',
'data_breach': {'personally_identifiable_information': 'Member Information',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Protected Health Information'},
'date_detected': '2016-11-07',
'description': 'The California Office of the Attorney General reported that '
'Kaiser Permanente Health Plan, Inc of Northern California '
'experienced a data breach on November 7, 2016, related to an '
'accidental exposure of protected health information on '
'October 12-13, 2016. The breach allowed member information '
'accessed via kp.org to be mistakenly viewable by other '
'visitors for approximately two hours, although no Social '
'Security numbers or banking information were compromised.',
'impact': {'data_compromised': 'Member Information',
'systems_affected': 'kp.org'},
'references': [{'source': 'California Office of the Attorney General'}],
'title': 'Kaiser Permanente Health Plan Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Misconfiguration'}