Oakland Family Services

An unauthorized individual gained access to the email account of a Michigan-based non-profit organization Oakland Family Services via a phishing scam.

The unauthorized access leaked the data including the addresses, telephone numbers, dates of birth, internal client ID numbers, health plan ID numbers, insurance numbers, dates of services, and programs of approximately 16,000 clients.

The NGO immediately took action and informed the affected persons and trained its employees to avoid any such phishing scams in the future.

Source: https://www.scmagazine.com/news/breach/oakland-family-services-notifies-16k-clients-of-information-breach

TPRM report: https://scoringcyber.rankiteo.com/company/oakland-family-services

"id": "oak131220422",
"linkid": "oakland-family-services",
"type": "Breach",
"date": "09/2015",
"severity": "75",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': '16,000',
                        'industry': 'Health and Human Services',
                        'location': 'Michigan',
                        'name': 'Oakland Family Services',
                        'type': 'Non-Profit Organization'}],
 'attack_vector': 'Phishing',
 'data_breach': {'number_of_records_exposed': '16,000',
                 'personally_identifiable_information': ['Addresses',
                                                         'Telephone Numbers',
                                                         'Dates of Birth',
                                                         'Internal Client ID '
                                                         'Numbers',
                                                         'Health Plan ID '
                                                         'Numbers',
                                                         'Insurance Numbers'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal Information',
                                              'Health Information']},
 'description': 'An unauthorized individual gained access to the email account '
                'of a Michigan-based non-profit organization Oakland Family '
                'Services via a phishing scam.',
 'impact': {'data_compromised': ['Addresses',
                                 'Telephone Numbers',
                                 'Dates of Birth',
                                 'Internal Client ID Numbers',
                                 'Health Plan ID Numbers',
                                 'Insurance Numbers',
                                 'Dates of Services',
                                 'Programs'],
            'systems_affected': ['Email Account']},
 'initial_access_broker': {'entry_point': 'Email Account'},
 'response': {'communication_strategy': ['Informed affected persons'],
              'remediation_measures': ['Trained employees to avoid phishing '
                                       'scams']},
 'threat_actor': 'Unauthorized Individual',
 'title': 'Phishing Scam at Oakland Family Services',
 'type': 'Phishing Scam',
 'vulnerability_exploited': 'Email Account'}

Oakland Family Services

Lazarus Naturals

Estes Forwarding Worldwide

Synnovis