The California Office of the Attorney General reported a data breach involving Kaiser Permanente on October 29, 2012. The breach occurred on August 24, 2012, when an employee mistakenly emailed confidential employee information, including names and Social Security numbers, to an unauthorized recipient. The number of individuals affected is not specified, but the report states that no personal health information was involved.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-36833
TPRM report: https://www.rankiteo.com/company/kaiser-permanente
"id": "kai654072925",
"linkid": "kaiser-permanente",
"type": "Breach",
"date": "8/2012",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Healthcare',
'location': 'California',
'name': 'Kaiser Permanente',
'type': 'Healthcare Provider'}],
'attack_vector': 'Human Error',
'data_breach': {'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Social Security Numbers']},
'date_detected': '2012-08-24',
'date_publicly_disclosed': '2012-10-29',
'description': 'An employee mistakenly emailed confidential employee '
'information, including names and Social Security numbers, to '
'an unauthorized recipient.',
'impact': {'data_compromised': ['Names', 'Social Security Numbers']},
'motivation': 'Accidental',
'post_incident_analysis': {'root_causes': 'Human Error'},
'references': [{'date_accessed': '2012-10-29',
'source': 'California Office of the Attorney General'}],
'threat_actor': 'Internal Employee',
'title': 'Kaiser Permanente Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Email Misconfiguration'}