On June 3, 2024, the California Office of the Attorney General reported a data breach involving Philips Respironics, which occurred on May 31, 2023. An unauthorized party exploited a vulnerability in the MOVEit Transfer software to access personal information, including patient names, addresses, and insurance details.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-586333
TPRM report: https://www.rankiteo.com/company/philips
"id": "phi049072425",
"linkid": "philips",
"type": "Vulnerability",
"date": "5/2023",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Healthcare',
'name': 'Philips Respironics',
'type': 'Company'}],
'attack_vector': 'Software Vulnerability',
'data_breach': {'personally_identifiable_information': True,
'type_of_data_compromised': ['patient names',
'addresses',
'insurance details']},
'date_detected': '2023-05-31',
'date_publicly_disclosed': '2024-06-03',
'description': 'An unauthorized party exploited a vulnerability in the MOVEit '
'Transfer software to access personal information, including '
'patient names, addresses, and insurance details.',
'impact': {'data_compromised': ['patient names',
'addresses',
'insurance details']},
'references': [{'date_accessed': '2024-06-03',
'source': 'California Office of the Attorney General'}],
'title': 'Philips Respironics Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'MOVEit Transfer software vulnerability'}