Prisma Health

Prisma Health

Prisma Health claims that staff members and volunteers at various hospitals in the Midlands have had their personal information posted online.

An employee at Prisma Health had their login information stolen, which led to the discovery of the issue.

Given that Prisma Health cited multiple dates for the theft, it is unclear from their statement if these were two incidences involving the same doctor or distinct doctors.

Affected personal information includes a person's entire name, address, date of birth, and medical information. Social Security numbers and details about health insurance may have been impacted in some cases.

Source: https://www.databreaches.net/sc-prisma-health-discloses-third-patient-data-breach-in-two-months/

TPRM report: https://scoringcyber.rankiteo.com/company/prisma-health

"id": "pri33923423",
"linkid": "prisma-health",
"type": "Data Leak",
"date": "10/2019",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Healthcare',
                        'location': 'Midlands',
                        'name': 'Prisma Health',
                        'type': 'Healthcare Provider'}],
 'attack_vector': 'Stolen Credentials',
 'data_breach': {'personally_identifiable_information': ['Full Name',
                                                         'Address',
                                                         'Date of Birth',
                                                         'Social Security '
                                                         'Numbers'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal Information',
                                              'Medical Information',
                                              'Health Insurance Details']},
 'description': 'Prisma Health reported that personal information of staff '
                'members and volunteers at various hospitals in the Midlands '
                'has been posted online due to stolen login information of an '
                'employee.',
 'impact': {'data_compromised': ['Full Name',
                                 'Address',
                                 'Date of Birth',
                                 'Medical Information',
                                 'Social Security Numbers',
                                 'Health Insurance Details']},
 'initial_access_broker': {'entry_point': 'Stolen Login Information'},
 'post_incident_analysis': {'root_causes': 'Stolen Login Information'},
 'title': 'Prisma Health Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Stolen Login Information'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.