On November 3, 2023, the Maine Office of the Attorney General disclosed a data breach targeting Mulkay Cardiology Consultants at Holy Name Medical Center, P.C., occurring between September 1 and September 5, 2023. The incident was classified as an external system breach (hacking), compromising the personal information of 79,582 individuals, including driver’s license numbers and other sensitive data. The breach exposed affected individuals to potential identity theft risks, prompting the company to offer free identity theft protection services through Experian as a remedial measure. While the exact method of infiltration remains undisclosed, the scale and nature of the stolen data particularly government-issued identifiers heighten concerns over fraudulent activity, financial exploitation, and long-term reputational harm for both the medical center and its patients. As a healthcare-related breach, the incident underscores vulnerabilities in safeguarding patient confidentiality, with implications for trust erosion and potential regulatory scrutiny under data protection laws like HIPAA. The breach did not involve ransomware but represented a deliberate cyber intrusion with substantial personal data exposure.
TPRM report: https://www.rankiteo.com/company/mulkay-cardiology-consultants
"id": "mul558091725",
"linkid": "mulkay-cardiology-consultants",
"type": "Cyber Attack",
"date": "9/2023",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 79582,
'industry': 'Healthcare',
'name': 'Mulkay Cardiology Consultants at Holy Name '
'Medical Center, P.C.',
'type': 'Healthcare Provider'}],
'attack_vector': 'External System Breach (Hacking)',
'customer_advisories': 'Identity theft protection services through Experian '
'were offered to affected individuals.',
'data_breach': {'number_of_records_exposed': 79582,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ["Driver's license numbers",
'Other personal information']},
'date_publicly_disclosed': '2023-11-03',
'description': 'On November 3, 2023, the Maine Office of the Attorney General '
'reported a data breach involving Mulkay Cardiology '
'Consultants at Holy Name Medical Center, P.C. The breach, '
'which occurred from September 1 to September 5, 2023, was '
'classified as an external system breach (hacking) and '
'affected a total of 79,582 individuals. The compromised '
"information may have included driver's license numbers and "
'other personal information, and identity theft protection '
'services through Experian were offered to affected '
'individuals.',
'impact': {'data_compromised': ["Driver's license numbers",
'Other personal information'],
'identity_theft_risk': 'High (Identity theft protection services '
'offered)'},
'references': [{'source': 'Maine Office of the Attorney General'}],
'regulatory_compliance': {'regulatory_notifications': 'Maine Office of the '
'Attorney General'},
'response': {'third_party_assistance': 'Experian (Identity theft protection '
'services)'},
'title': 'Data Breach at Mulkay Cardiology Consultants at Holy Name Medical '
'Center, P.C.',
'type': 'Data Breach'}