The California Office of the Attorney General reported a data breach involving Palomar Health on October 20, 2017. The breach occurred on September 27, 2017, when an employee mistakenly sent an email containing patient information to an unintended recipient, affecting an unspecified number of individuals. The information exposed included patient names, identification numbers, and treatment dates, but did not include sensitive information such as social security numbers or payment details.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-102889
TPRM report: https://www.rankiteo.com/company/palomar-health
"id": "pal530072725",
"linkid": "palomar-health",
"type": "Breach",
"date": "9/2017",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"{'affected_entities': [{'industry': 'Healthcare',
'location': 'California',
'name': 'Palomar Health',
'type': 'Healthcare'}],
'attack_vector': 'Email',
'data_breach': {'personally_identifiable_information': ['Patient names',
'Identification '
'numbers',
'Treatment dates'],
'sensitivity_of_data': 'Medium',
'type_of_data_compromised': ['Patient names',
'Identification numbers',
'Treatment dates']},
'date_detected': '2017-09-27',
'date_publicly_disclosed': '2017-10-20',
'description': 'An employee mistakenly sent an email containing patient '
'information to an unintended recipient, affecting an '
'unspecified number of individuals.',
'impact': {'data_compromised': ['Patient names',
'Identification numbers',
'Treatment dates']},
'post_incident_analysis': {'root_causes': 'Human Error'},
'references': [{'date_accessed': '2017-10-20',
'source': 'California Office of the Attorney General'}],
'title': 'Palomar Health Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Human Error'}