Breach cyber

MEDNAX Services, Inc.

Jul 2, 2020 1 min read
MEDNAX Services, Inc.

The California Office of the Attorney General reported a data breach at MEDNAX Services, Inc. on December 23, 2020. The breach occurred on July 2 and July 3, 2020, involving unauthorized access to a Microsoft Office 365-hosted business email account through phishing, potentially impacting patient information including names, Social Security numbers, and health insurance details. Notifications were sent to individuals whose data may have been involved.

Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-197488

TPRM report: https://www.rankiteo.com/company/mednax

"id": "med254072625",
"linkid": "mednax",
"type": "Breach",
"date": "7/2020",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Healthcare',
                        'name': 'MEDNAX Services, Inc.',
                        'type': 'Company'}],
 'attack_vector': 'Phishing',
 'data_breach': {'personally_identifiable_information': ['Names',
                                                         'Social Security '
                                                         'numbers'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Names',
                                              'Social Security numbers',
                                              'Health insurance details']},
 'date_detected': '2020-12-23',
 'date_publicly_disclosed': '2020-12-23',
 'description': 'The California Office of the Attorney General reported a data '
                'breach at MEDNAX Services, Inc. on December 23, 2020. The '
                'breach occurred on July 2 and July 3, 2020, involving '
                'unauthorized access to a Microsoft Office 365-hosted business '
                'email account through phishing, potentially impacting patient '
                'information including names, Social Security numbers, and '
                'health insurance details. Notifications were sent to '
                'individuals whose data may have been involved.',
 'impact': {'data_compromised': ['Names',
                                 'Social Security numbers',
                                 'Health insurance details'],
            'systems_affected': ['Microsoft Office 365-hosted business email '
                                 'account']},
 'initial_access_broker': {'entry_point': 'Phishing email'},
 'post_incident_analysis': {'root_causes': 'Phishing attack leading to '
                                           'unauthorized access'},
 'references': [{'date_accessed': '2020-12-23',
                 'source': 'California Office of the Attorney General'}],
 'response': {'communication_strategy': 'Notifications sent to individuals '
                                        'whose data may have been involved'},
 'title': 'Data Breach at MEDNAX Services, Inc.',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Unauthorized access to business email account'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.