cyber Breach

NorthStar Anesthesia

May 11, 2023 1 min read
NorthStar Anesthesia

An email phishing campaign resulted in the compromise of NorthStar's certain employees’ email credentials.

An unauthorized actors gained access to certain employee email accounts between April 3 and May 24, 2018.

The emails affected by this incident contained personal information.

The information affected includes name, date of birth, health insurance application or claims information, health insurance policy or subscriber number, health information, IRS identity protection number, taxpayer identification number, medical history information, treatment and diagnosis information, and medical record number and social security number.

Source: https://www.databreaches.net/northstar-anesthesia-notifies-patients-after-employee-email-accounts-compromised/

TPRM report: https://scoringcyber.rankiteo.com/company/northstar-anesthesia

"id": "nor235691122",
"linkid": "northstar-anesthesia",
"type": "Data Leak",
"date": "07/2018",
"severity": "60",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'name': 'NorthStar', 'type': 'Company'}],
 'attack_vector': 'Phishing',
 'data_breach': {'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Name',
                                              'Date of Birth',
                                              'Health Insurance Application or '
                                              'Claims Information',
                                              'Health Insurance Policy or '
                                              'Subscriber Number',
                                              'Health Information',
                                              'IRS Identity Protection Number',
                                              'Taxpayer Identification Number',
                                              'Medical History Information',
                                              'Treatment and Diagnosis '
                                              'Information',
                                              'Medical Record Number',
                                              'Social Security Number']},
 'description': 'An email phishing campaign resulted in the compromise of '
                "NorthStar's certain employees’ email credentials. An "
                'unauthorized actor gained access to certain employee email '
                'accounts between April 3 and May 24, 2018. The emails '
                'affected by this incident contained personal information '
                'including name, date of birth, health insurance application '
                'or claims information, health insurance policy or subscriber '
                'number, health information, IRS identity protection number, '
                'taxpayer identification number, medical history information, '
                'treatment and diagnosis information, and medical record '
                'number and social security number.',
 'impact': {'data_compromised': ['Personal Information', 'Health Information'],
            'systems_affected': 'Employee Email Accounts'},
 'initial_access_broker': {'entry_point': 'Email Phishing'},
 'post_incident_analysis': {'root_causes': 'Email Phishing Campaign'},
 'threat_actor': 'Unauthorized Actor',
 'title': 'NorthStar Email Phishing Campaign',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Compromised Email Credentials'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.