Renown Health announced it was mailing letters to patients whose information had been stored on the lost thumb drive containing their personal data.
An unnamed Renown employee first reported the thumb drive missing on June 30, according to a statement from the company.
Renown said investigators determined the drive contained patient and doctors’ names, medical record numbers, diagnoses, and clinical information.
The company said patient Social Security numbers and financial information were not at risk.
TPRM report: https://scoringcyber.rankiteo.com/company/renown-health
"id": "ren23589423",
"linkid": "renown-health",
"type": "Data Leak",
"date": "08/2019",
"severity": "50",
"impact": "1",
"explanation": "Attack without any consequences"{'affected_entities': [{'industry': 'Healthcare',
'name': 'Renown Health',
'type': 'Healthcare Provider'}],
'attack_vector': 'Lost Thumb Drive',
'customer_advisories': 'Mailing letters to affected patients',
'data_breach': {'personally_identifiable_information': ['patient names',
'medical record '
'numbers'],
'sensitivity_of_data': 'Medium',
'type_of_data_compromised': ['patient names',
"doctors' names",
'medical record numbers',
'diagnoses',
'clinical information']},
'date_detected': '2023-06-30',
'description': 'Renown Health announced it was mailing letters to patients '
'whose information had been stored on the lost thumb drive '
'containing their personal data.',
'impact': {'data_compromised': ['patient names',
"doctors' names",
'medical record numbers',
'diagnoses',
'clinical information']},
'references': [{'source': 'Renown Health Statement'}],
'response': {'communication_strategy': 'Mailing letters to affected patients'},
'title': 'Renown Health Data Breach via Lost Thumb Drive',
'type': 'Data Breach',
'vulnerability_exploited': 'Physical Loss of Storage Device'}