Mayfield Brain & Spine

An unauthorized person had accessed the database of Mayfield Brain & Spine’s account at an outside vendor.

The vendor sent, via email, newsletters, educational information, invitations, announcements, and other information about Mayfield to patients, business associates, event attendees, website contacts, and other friends of Mayfield.

In this incident, no Mayfield systems were involved, and no patient health or financial information was compromised.

Source: https://www.databreaches.net/breach-at-vendors-results-in-mayfield-brain-spine-patients-receiving-emails-containing-malware/

TPRM report: https://scoringcyber.rankiteo.com/company/mayfield-clinic

"id": "may223823522",
"linkid": "mayfield-clinic",
"type": "Breach",
"date": "05/2016",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"

{'affected_entities': [{'industry': 'Healthcare',
                        'name': 'Mayfield Brain & Spine',
                        'type': 'Healthcare'}],
 'attack_vector': 'Email',
 'description': 'An unauthorized person had accessed the database of Mayfield '
                'Brain & Spine’s account at an outside vendor. The vendor '
                'sent, via email, newsletters, educational information, '
                'invitations, announcements, and other information about '
                'Mayfield to patients, business associates, event attendees, '
                'website contacts, and other friends of Mayfield. In this '
                'incident, no Mayfield systems were involved, and no patient '
                'health or financial information was compromised.',
 'threat_actor': 'Unauthorized Person',
 'title': 'Unauthorized Access to Mayfield Brain & Spine’s Vendor Database',
 'type': 'Unauthorized Access'}