Partnership HealthPlan of California

The private data for 850,000 members of Partnership HealthPlan of California was stolen by a ransomware group called Hive.

Its website displayed a message saying that it faced technical difficulties, resulting in a disruption to certain computer systems after its computer systems were down due to the attack.

The group published 400 gigabytes of stolen data including 850,000 unique records of name, SSN, date of birth, address, contact, etc. on its website on the dark web.

Partnership notified more than 618,000 Medi-Cal members across 14 Northern California counties about the attack.

Source: https://www.pressdemocrat.com/article/news/ransomware-group-claims-responsibility-for-partnership-healthplan-internet/

TPRM report: https://www.rankiteo.com/company/partnership-healthplan-of-california

"id": "par232123522",
"linkid": "partnership-healthplan-of-california",
"type": "Ransomware",
"date": "6/2017",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of a geographical region"

{'affected_entities': [{'customers_affected': '850,000 members',
                        'industry': 'Healthcare',
                        'location': 'Northern California',
                        'name': 'Partnership HealthPlan of California',
                        'type': 'Healthcare Plan'}],
 'attack_vector': 'Ransomware',
 'customer_advisories': 'Notified more than 618,000 Medi-Cal members across 14 '
                        'Northern California counties about the attack',
 'data_breach': {'data_exfiltration': '400 gigabytes of stolen data',
                 'number_of_records_exposed': '850,000',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Name, SSN, date of birth, '
                                             'address, contact, etc.'},
 'description': 'The private data for 850,000 members of Partnership '
                'HealthPlan of California was stolen by a ransomware group '
                'called Hive. Its website displayed a message saying that it '
                'faced technical difficulties, resulting in a disruption to '
                'certain computer systems after its computer systems were down '
                'due to the attack. The group published 400 gigabytes of '
                'stolen data including 850,000 unique records of name, SSN, '
                'date of birth, address, contact, etc. on its website on the '
                'dark web. Partnership notified more than 618,000 Medi-Cal '
                'members across 14 Northern California counties about the '
                'attack.',
 'impact': {'data_compromised': '400 gigabytes including 850,000 unique '
                                'records of name, SSN, date of birth, address, '
                                'contact, etc.',
            'downtime': 'Resulted in a disruption to certain computer systems',
            'operational_impact': 'Website displayed a message saying that it '
                                  'faced technical difficulties'},
 'initial_access_broker': {'data_sold_on_dark_web': '400 gigabytes of stolen '
                                                    'data published on the '
                                                    'dark web'},
 'motivation': 'Data Theft',
 'ransomware': {'data_exfiltration': '400 gigabytes of stolen data',
                'ransomware_strain': 'Hive'},
 'response': {'communication_strategy': 'Notified more than 618,000 Medi-Cal '
                                        'members across 14 Northern California '
                                        'counties about the attack'},
 'threat_actor': 'Hive',
 'title': 'Ransomware Attack on Partnership HealthPlan of California',
 'type': 'Ransomware'}