An unauthorized person had accessed the database of Mayfield Brain & Spine’s account at an outside vendor.
The vendor sent, via email, newsletters, educational information, invitations, announcements, and other information about Mayfield to patients, business associates, event attendees, website contacts, and other friends of Mayfield.
In this incident, no Mayfield systems were involved, and no patient health or financial information was compromised.
"id": "MAY223823522",
"linkid": "mayfield-clinic",
"type": "Breach",
"date": "05/2016",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"