The U.S. Department of Health and Human Services reported on August 29, 2014, that Memorial Hermann Health System experienced a data breach due to unauthorized access/disclosure on July 7, 2014, affecting approximately 10,604 individuals' protected health information (PHI). The incident involved a workforce member accessing the information inappropriately through a desktop computer, and corrective actions were taken post-incident, including the termination of the workforce member and the expansion of the IT audit program.
Source: https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf
TPRM report: https://www.rankiteo.com/company/memorialhermann
"id": "mem308071625",
"linkid": "memorialhermann",
"type": "Breach",
"date": "7/2014",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'customers_affected': 10604,
'industry': 'Healthcare',
'name': 'Memorial Hermann Health System',
'type': 'Healthcare Provider'}],
'attack_vector': 'Unauthorized Access',
'data_breach': {'number_of_records_exposed': 10604,
'type_of_data_compromised': 'Protected Health Information '
'(PHI)'},
'date_detected': '2014-07-07',
'date_publicly_disclosed': '2014-08-29',
'description': 'Unauthorized access/disclosure of protected health '
'information (PHI) affecting approximately 10,604 individuals.',
'impact': {'data_compromised': ['Protected Health Information (PHI)'],
'systems_affected': ['Desktop Computer']},
'references': [{'source': 'U.S. Department of Health and Human Services'}],
'response': {'remediation_measures': ['Termination of the workforce member',
'Expansion of the IT audit program']},
'threat_actor': 'Internal',
'title': 'Memorial Hermann Health System Data Breach',
'type': 'Data Breach'}