The California Office of the Attorney General reported a data breach incident involving OptumRx on April 8, 2016. The breach occurred on March 16, 2016, when an unencrypted laptop belonging to a vendor was stolen in Indianapolis, Indiana, potentially exposing names, addresses, health plan information, prescription drug details, and in some cases, dates of birth. Approximately UNKN individuals were affected, and no financial information was compromised.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-60898
TPRM report: https://www.rankiteo.com/company/optum
"id": "opt846072525",
"linkid": "optum",
"type": "Breach",
"date": "3/2016",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"
{'affected_entities': [{'customers_affected': 'UNKN',
'industry': 'Healthcare',
'location': 'Indianapolis, Indiana',
'name': 'OptumRx',
'type': 'Healthcare'}],
'attack_vector': 'Physical Theft',
'data_breach': {'data_encryption': 'No',
'number_of_records_exposed': 'UNKN',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Addresses',
'Health Plan Information',
'Prescription Drug Details',
'Dates of Birth']},
'date_detected': '2016-03-16',
'date_publicly_disclosed': '2016-04-08',
'description': 'A data breach incident involving OptumRx where an unencrypted '
'laptop belonging to a vendor was stolen, potentially exposing '
'personal and health information.',
'impact': {'data_compromised': ['Names',
'Addresses',
'Health Plan Information',
'Prescription Drug Details',
'Dates of Birth']},
'motivation': 'Unknown',
'references': [{'date_accessed': '2016-04-08',
'source': 'California Office of the Attorney General'}],
'threat_actor': 'Unknown',
'title': 'OptumRx Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Unencrypted Laptop'}