Medical Depot, Inc.

On May 25, 2020, Drive DeVilbiss Healthcare (operating under Medical Depot, Inc.) experienced a data breach when an unauthorized third party gained remote access to its network. The incident, reported to the California Attorney General's Office on September 14, 2020, exposed personal information, including names, of an undetermined number of individuals. The breach highlights vulnerabilities in the company’s cybersecurity defenses, allowing external actors to infiltrate systems and potentially access sensitive data. While the full scope of the compromised information remains unclear, the incident underscores risks to customer privacy and trust. The delay in public disclosure (nearly four months) may further exacerbate reputational and operational consequences. As a healthcare-related entity, the breach also raises concerns about compliance with data protection regulations like HIPAA, though no financial or medical records were explicitly confirmed as stolen in the report.

Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-194044

TPRM report: https://www.rankiteo.com/company/medical-supplies-depot-inc

"id": "med315091725",
"linkid": "medical-supplies-depot-inc",
"type": "Breach",
"date": "5/2020",
"severity": "60",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 'Unknown',
                        'industry': 'Healthcare',
                        'location': 'California, USA',
                        'name': 'Medical Depot, Inc. (Drive DeVilbiss '
                                'Healthcare)',
                        'type': 'Company'}],
 'attack_vector': 'Remote Access',
 'data_breach': {'number_of_records_exposed': 'Unknown',
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'Moderate',
                 'type_of_data_compromised': ['Personal Information (Names)']},
 'date_detected': '2020-05-25',
 'date_publicly_disclosed': '2020-09-14',
 'description': "The California Attorney General's Office reported a data "
                'breach involving Medical Depot, Inc., doing business as Drive '
                'DeVilbiss Healthcare, on September 14, 2020. The breach '
                'occurred on May 25, 2020, when an unauthorized third party '
                "gained remote access to the company's network, potentially "
                'compromising personal information including names. The number '
                'of affected individuals is currently unknown.',
 'impact': {'data_compromised': ['Names'], 'identity_theft_risk': 'Potential'},
 'initial_access_broker': {'entry_point': 'Remote Access'},
 'references': [{'source': "California Attorney General's Office"}],
 'regulatory_compliance': {'regulatory_notifications': ['California Attorney '
                                                        "General's Office"]},
 'threat_actor': 'Unauthorized Third Party',
 'title': 'Data Breach at Medical Depot, Inc. (Drive DeVilbiss Healthcare)',
 'type': 'Data Breach'}

Medical Depot, Inc.

Grafana: Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt

Reqrea: Millions Of Hotel Guests' IDs Left Open Online In Massive Security Blunder

THORChain: More than $10 million stolen from crypto platform THORChain