LaPorte & Associates, Inc. faced potential unauthorized access to a laptop containing certain personal information.
A laptop belonging to one of its agents was stolen.
The data potentially subject to unauthorized access varies.
It includes some combination of the individual’s name, mailing address, Social Security numbers, driver’s license numbers, health insurance numbers, claims information, dates of service, provider names, diagnoses or treatment information, and explanations of benefits, invoice amounts, and invoices.
LaPorte when learned about the theft immediately secured the employee’s email account, took steps to prevent any remote access to LaPorte’s systems, began an investigation, and engaged a leading forensic firm.
LaPorte has no evidence to date that any data on the laptop has been used inappropriately.
Letters to those impacted by the incident for whom LaPorte has an address are being mailed.
Source: https://www.databreaches.net/or-laporte-associates-notifies-clients-of-laptop-theft/
TPRM report: https://scoringcyber.rankiteo.com/company/laporte-and-associates
"id": "lap223223722",
"linkid": "laporte-and-associates",
"type": "Data Leak",
"date": "05/2018",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'name': 'LaPorte & Associates, Inc.',
'type': 'Company'}],
'attack_vector': 'Physical Theft',
'customer_advisories': 'Letters to those impacted by the incident for whom '
'LaPorte has an address are being mailed.',
'data_breach': {'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Individual’s name',
'Mailing address',
'Social Security numbers',
'Driver’s license numbers',
'Health insurance numbers',
'Claims information',
'Dates of service',
'Provider names',
'Diagnoses or treatment '
'information',
'Explanations of benefits',
'Invoice amounts',
'Invoices']},
'description': 'LaPorte & Associates, Inc. faced potential unauthorized '
'access to a laptop containing certain personal information.',
'impact': {'data_compromised': ['Individual’s name',
'Mailing address',
'Social Security numbers',
'Driver’s license numbers',
'Health insurance numbers',
'Claims information',
'Dates of service',
'Provider names',
'Diagnoses or treatment information',
'Explanations of benefits',
'Invoice amounts',
'Invoices']},
'initial_access_broker': {'entry_point': 'Stolen Laptop'},
'investigation_status': 'Ongoing',
'response': {'communication_strategy': 'Letters to those impacted by the '
'incident for whom LaPorte has an '
'address are being mailed.',
'containment_measures': 'Secured the employee’s email account '
'and prevented remote access to '
'LaPorte’s systems',
'incident_response_plan_activated': True,
'third_party_assistance': True},
'title': 'Unauthorized Access to Laptop Containing Personal Information',
'type': 'Data Breach'}