On December 16, 2020, the California Attorney General reported a data breach involving MEDNAX Services, Inc. The breach occurred between June 17, 2020, and June 22, 2020, due to unauthorized access to Microsoft Office 365-hosted business email accounts via phishing, potentially affecting the personal information of 45 Rhode Island residents.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-197246
TPRM report: https://www.rankiteo.com/company/mednax
"id": "med648072725",
"linkid": "mednax",
"type": "Breach",
"date": "6/2020",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'customers_affected': 45,
'industry': 'Healthcare',
'location': 'Rhode Island',
'name': 'MEDNAX Services, Inc.',
'type': 'Company'}],
'attack_vector': 'Phishing',
'data_breach': {'number_of_records_exposed': 45,
'type_of_data_compromised': 'Personal information'},
'date_detected': '2020-12-16',
'date_publicly_disclosed': '2020-12-16',
'description': 'Unauthorized access to Microsoft Office 365-hosted business '
'email accounts via phishing, potentially affecting the '
'personal information of 45 Rhode Island residents.',
'impact': {'data_compromised': 'Personal information',
'systems_affected': 'Microsoft Office 365-hosted business email '
'accounts'},
'initial_access_broker': {'entry_point': 'Phishing'},
'references': [{'date_accessed': '2020-12-16',
'source': 'California Attorney General'}],
'title': 'MEDNAX Services, Inc. Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Unauthorized access to email accounts'}