The email addresses of almost 40 people from NHS Highland who have HIV was made public by mistake.
It was found that 37 patients in the Highlands were able to see their own and the others people's addresses.
The message contained an invitation to a support group run by a sexual health clinic at Raigmore Hospital in Inverness.
People affected by this leak were understandably distressed, and HIV Scotland stands to support all those affected.
Source: https://www.bbc.com/news/uk-scotland-highlands-islands-48662386
TPRM report: https://scoringcyber.rankiteo.com/company/nhs-highland
"id": "nhs204726323",
"linkid": "nhs-highland",
"type": "Data Leak",
"date": "06/2019",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 37,
'industry': 'Healthcare',
'location': 'Highlands, Scotland',
'name': 'NHS Highland',
'type': 'Healthcare'}],
'attack_vector': 'Email Misconfiguration',
'data_breach': {'number_of_records_exposed': 37,
'personally_identifiable_information': ['Email Addresses'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Email Addresses']},
'description': 'The email addresses of almost 40 people from NHS Highland who '
'have HIV were made public by mistake. It was found that 37 '
'patients in the Highlands were able to see their own and '
"others' addresses. The message contained an invitation to a "
'support group run by a sexual health clinic at Raigmore '
'Hospital in Inverness. People affected by this leak were '
'understandably distressed, and HIV Scotland stands to support '
'all those affected.',
'impact': {'brand_reputation_impact': 'Significant',
'data_compromised': ['Email Addresses']},
'response': {'communication_strategy': 'Support offered by HIV Scotland'},
'title': 'NHS Highland Email Address Leak',
'type': 'Data Breach'}