On June 27, 2015, a data breach occurred when a car break-in led to the theft of a computer belonging to Robert Soper, M.D. The stolen device contained patient records, including names, dates of birth, phone numbers, and clinical notes. However, no sensitive data such as Social Security numbers or insurance details was stored on the device. Authorities confirmed that there was no evidence the stolen information had been accessed or misused.The incident was reported to the California Office of the Attorney General on August 26, 2015. While the breach exposed protected health information (PHI), the lack of financial or highly sensitive data (e.g., SSNs) and the absence of confirmed unauthorized access limited the potential harm. The breach primarily posed a reputational and compliance risk rather than a direct financial or identity theft threat to affected patients. No ransomware or cyber attack was involved, and the exposure was due to physical theft rather than a targeted digital intrusion.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-57565
TPRM report: https://www.rankiteo.com/company/multi-build-solutions-group-inc
"id": "mul206082125",
"linkid": "multi-build-solutions-group-inc",
"type": "Breach",
"date": "6/2015",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'industry': 'Healthcare',
'location': 'California, USA',
'name': 'Robert Soper, M.D.',
'type': 'Healthcare Provider (Individual Practice)'}],
'attack_vector': 'Physical Theft (Car Break-in)',
'data_breach': {'data_exfiltration': 'No (device stolen, but no evidence of '
'data access)',
'personally_identifiable_information': ['Names',
'Dates of birth',
'Phone numbers'],
'sensitivity_of_data': 'Moderate (no SSNs or financial data, '
'but includes health-related notes)',
'type_of_data_compromised': ['Personal Information',
'Health Information']},
'date_detected': '2015-06-27',
'date_publicly_disclosed': '2015-08-26',
'description': 'The California Office of the Attorney General reported a data '
'breach involving Robert Soper, M.D. on August 26, 2015. The '
'breach occurred on June 27, 2015, when a car break-in '
'resulted in the theft of a computer containing patient names, '
'dates of birth, phone numbers, and clinical notes. Sensitive '
'information such as social security numbers and insurance '
'details was not stored on the device. No indication of the '
'information being accessed has been reported.',
'impact': {'brand_reputation_impact': 'Potential (due to public disclosure of '
'breach)',
'data_compromised': ['Patient names',
'Dates of birth',
'Phone numbers',
'Clinical notes'],
'identity_theft_risk': 'Low (no SSNs or financial data exposed)',
'systems_affected': ['One computer']},
'investigation_status': 'Closed (no evidence of data access reported)',
'post_incident_analysis': {'root_causes': ['Inadequate physical security for '
'a device containing sensitive '
'patient data']},
'references': [{'source': 'California Office of the Attorney General'}],
'regulatory_compliance': {'regulations_violated': ['Potential HIPAA violation '
'(unsecured protected '
'health information)'],
'regulatory_notifications': ['California Office of '
'the Attorney '
'General']},
'response': {'communication_strategy': 'Public disclosure via California '
'Office of the Attorney General',
'law_enforcement_notified': 'Likely (reported to California '
'Office of the Attorney General)'},
'title': 'Data Breach at Robert Soper, M.D. Due to Theft of Computer',
'type': 'Data Breach (Physical Theft)',
'vulnerability_exploited': 'Lack of Physical Security for Sensitive Device'}