National Healthcare Group (NHG) has been fined $6,000 for failing to secure personal data.
A list containing the information of 129 doctors was found by one of them when she did a Google search of her name.
This list contained the full names, mobile numbers, NRIC numbers and photographs of some of them.
This list should not have been accessible to non-authorised users and members of the public.
TPRM report: https://scoringcyber.rankiteo.com/company/national-healthcare-group
"id": "nat231261222",
"linkid": "national-healthcare-group",
"type": "Data Leak",
"date": "01/2020",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'customers_affected': 129,
'industry': 'Healthcare',
'name': 'National Healthcare Group (NHG)',
'type': 'Healthcare Organization'}],
'attack_vector': 'Publicly Accessible Data',
'data_breach': {'number_of_records_exposed': 129,
'personally_identifiable_information': ['full names',
'mobile numbers',
'NRIC numbers',
'photographs'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['PII']},
'description': 'National Healthcare Group (NHG) has been fined $6,000 for '
'failing to secure personal data. A list containing the '
'information of 129 doctors was found by one of them when she '
'did a Google search of her name. This list contained the full '
'names, mobile numbers, NRIC numbers and photographs of some '
'of them. This list should not have been accessible to '
'non-authorised users and members of the public.',
'impact': {'data_compromised': ['full names',
'mobile numbers',
'NRIC numbers',
'photographs'],
'legal_liabilities': ['$6,000 fine']},
'regulatory_compliance': {'fines_imposed': '$6,000'},
'title': 'NHG Data Breach',
'type': 'Data Breach'}