The Kentucky Employees’ Health Plan (KEHP) became a victim of a data breach for the second time in a consecutive month that took place from May 12 to 22.
The second data breach was a direct result of the first attack which happened from April 21 to 27.
971 KEHP members' accounts were accessed by a bad actor who used valid login information to infiltrate StayWell, a third-party vendor utilized by KEHP members for their well-being and incentive portal in the first attack.
42 of the original 971 targeted members also had their Commonwealth email accounts infiltrated in the second attack.
An additional $7,700 in fraudulent gift card redemptions resulted from this attack.
Source: https://www.govtech.com/security/two-data-breaches-hit-kentucky-employees-health-plan.html
TPRM report: https://www.rankiteo.com/company/kentuckyone-health
"id": "ken1494123",
"linkid": "kentuckyone-health",
"type": "Breach",
"date": "6/2017",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'customers_affected': '971 members (first attack), 42 '
'members (second attack)',
'industry': 'Healthcare',
'location': 'Kentucky, USA',
'name': 'Kentucky Employees’ Health Plan (KEHP)',
'type': 'Health Plan'}],
'attack_vector': 'Compromised Credentials',
'data_breach': {'number_of_records_exposed': '971 (first attack), 42 (second '
'attack)',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Login Information, Email '
'Accounts'},
'description': 'The Kentucky Employees’ Health Plan (KEHP) experienced a '
'second data breach in consecutive months, from May 12 to 22, '
'as a result of the first attack which happened from April 21 '
"to 27. In the first attack, 971 KEHP members' accounts were "
'accessed using valid login information to infiltrate '
'StayWell, a third-party vendor. In the second attack, 42 of '
'the original 971 targeted members had their Commonwealth '
'email accounts infiltrated, resulting in an additional $7,700 '
'in fraudulent gift card redemptions.',
'impact': {'data_compromised': 'Login Information, Email Accounts',
'financial_loss': '$7,700',
'identity_theft_risk': 'High',
'systems_affected': 'StayWell Portal, Commonwealth Email Accounts'},
'initial_access_broker': {'entry_point': 'StayWell Portal',
'high_value_targets': 'KEHP Members'},
'motivation': 'Financial Gain',
'post_incident_analysis': {'root_causes': 'Compromised Credentials'},
'threat_actor': 'Unknown',
'title': 'KEHP Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Valid Login Information'}