The Maryland Office of the Attorney General reported a data breach involving Onsite Mammography, LLC on February 21, 2025. The breach was discovered in October 2024 and involved unauthorized access to an employee's email account, potentially exposing personal and protected health information (PHI) of individuals. The number of affected individuals is currently unknown.
Source: https://ago.vermont.gov/document/2025-04-21-onsite-mammography-data-breach-notice-consumers
TPRM report: https://www.rankiteo.com/company/onsitewomenshealth
"id": "ons048072425",
"linkid": "onsitewomenshealth",
"type": "Breach",
"date": "10/2024",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Healthcare',
'name': 'Onsite Mammography, LLC',
'type': 'Healthcare'}],
'attack_vector': 'Unauthorized Access',
'data_breach': {'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal Information',
'Protected Health Information '
'(PHI)']},
'date_detected': 'October 2024',
'date_publicly_disclosed': 'February 21, 2025',
'description': 'The Maryland Office of the Attorney General reported a data '
'breach involving Onsite Mammography, LLC on February 21, '
'2025. The breach was discovered in October 2024 and involved '
"unauthorized access to an employee's email account, "
'potentially exposing personal and protected health '
'information (PHI) of individuals. The number of affected '
'individuals is currently unknown.',
'impact': {'data_compromised': ['Personal Information',
'Protected Health Information (PHI)']},
'initial_access_broker': {'entry_point': 'Email Account'},
'references': [{'date_accessed': 'February 21, 2025',
'source': 'Maryland Office of the Attorney General'}],
'title': 'Data Breach at Onsite Mammography, LLC',
'type': 'Data Breach',
'vulnerability_exploited': 'Email Account'}