Legacy Health

About 38,000 Legacy Health patients' personal, medical or billing information have been accessed in a May email breach.

Someone accessed multiple employees' email accounts, some of which contained patient information.

The information potentially exposed includes patients' names, dates of birth, health insurance information, billing information, medical information regarding care they received at Legacy, social security numbers and driver's license information.

There is no indication of the information been misused.

Source: https://www.oregonlive.com/business/2018/08/legacy_health_email_breach_mig.html

TPRM report: https://scoringcyber.rankiteo.com/company/ourlegacyhealth

"id": "leg22881122",
"linkid": "ourlegacyhealth",
"type": "Breach",
"date": "08/2018",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 38000,
                        'industry': 'Healthcare',
                        'name': 'Legacy Health',
                        'type': 'Healthcare Provider'}],
 'attack_vector': 'Email Account Access',
 'data_breach': {'number_of_records_exposed': 38000,
                 'personally_identifiable_information': ['names',
                                                         'dates of birth',
                                                         'social security '
                                                         'numbers',
                                                         "driver's license "
                                                         'information'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal Information',
                                              'Medical Information',
                                              'Billing Information']},
 'date_detected': 'May 2023',
 'description': "About 38,000 Legacy Health patients' personal, medical or "
                'billing information have been accessed in a May email breach. '
                "Someone accessed multiple employees' email accounts, some of "
                'which contained patient information. The information '
                "potentially exposed includes patients' names, dates of birth, "
                'health insurance information, billing information, medical '
                'information regarding care they received at Legacy, social '
                "security numbers and driver's license information. There is "
                'no indication of the information been misused.',
 'impact': {'data_compromised': ['names',
                                 'dates of birth',
                                 'health insurance information',
                                 'billing information',
                                 'medical information',
                                 'social security numbers',
                                 "driver's license information"],
            'systems_affected': 'Email accounts'},
 'title': 'Legacy Health Email Breach',
 'type': 'Data Breach'}

Legacy Health

Microsoft

Young Consulting

IdeaLab