cyber Breach

SA Health

Oct 28, 2023 1 min read
SA Health

Patients in South Australia affected by Personify Care's third-party platform data breach.

The exposed data contained the health information of 121 patients on “supervised medication protocols”.

12,624 patients who were invited to use the platform were also listed, along with their names and phone numbers.

An "unauthorised third party" was able to erase a folder containing patient papers that had been submitted to an internet platform, according to the state administration, due to "unintentional human error" on the part of the patient portal Personify Care.

Source: https://www.abc.net.au/news/2023-10-28/sa-health-patients-caught-up-in-personify-care-data-breach/103034930

TPRM report: https://scoringcyber.rankiteo.com/company/sa-health

"id": "sah1747281023",
"linkid": "sa-health",
"type": "Data Leak",
"date": "10/2023",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'customers_affected': [121, 12624],
                        'industry': 'Healthcare',
                        'location': 'South Australia',
                        'name': 'Personify Care',
                        'type': 'Healthcare'}],
 'attack_vector': 'Unintentional Human Error',
 'data_breach': {'number_of_records_exposed': 12745,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Health Information',
                                              'Names',
                                              'Phone Numbers']},
 'description': "Patients in South Australia affected by Personify Care's "
                'third-party platform data breach. The exposed data contained '
                "the health information of 121 patients on 'supervised "
                "medication protocols'. 12,624 patients who were invited to "
                'use the platform were also listed, along with their names and '
                "phone numbers. An 'unauthorised third party' was able to "
                'erase a folder containing patient papers that had been '
                'submitted to an internet platform, according to the state '
                "administration, due to 'unintentional human error' on the "
                'part of the patient portal Personify Care.',
 'impact': {'data_compromised': ['Health Information',
                                 'Names',
                                 'Phone Numbers']},
 'post_incident_analysis': {'root_causes': 'Unintentional Human Error'},
 'threat_actor': 'Unauthorized Third Party',
 'title': 'Personify Care Data Breach',
 'type': 'Data Breach'}
Published by
Roshni Ray
Roshni Ray
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.