The California Office of the Attorney General reported on August 7, 2014, that the San Mateo Medical Center experienced a data breach on December 5, 2013. The breach involved payroll information accessed by a newly hired employee who failed to disclose a prior conviction for identity theft, potentially compromising names, contact information, Social Security numbers, and dates of birth of current and former employees.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-46155
TPRM report: https://www.rankiteo.com/company/san-mateo-medical-center
"id": "san752072825",
"linkid": "san-mateo-medical-center",
"type": "Breach",
"date": "12/2013",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Healthcare',
'location': 'San Mateo, California',
'name': 'San Mateo Medical Center',
'type': 'Healthcare'}],
'attack_vector': 'Insider Threat',
'data_breach': {'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Contact Information',
'Social Security Numbers',
'Dates of Birth']},
'date_detected': '2013-12-05',
'date_publicly_disclosed': '2014-08-07',
'description': 'A newly hired employee with a prior conviction for identity '
'theft accessed payroll information, potentially compromising '
'names, contact information, Social Security numbers, and '
'dates of birth of current and former employees.',
'impact': {'data_compromised': ['Names',
'Contact Information',
'Social Security Numbers',
'Dates of Birth'],
'identity_theft_risk': 'High'},
'motivation': 'Identity Theft',
'references': [{'date_accessed': '2014-08-07',
'source': 'California Office of the Attorney General'}],
'threat_actor': 'Insider',
'title': 'San Mateo Medical Center Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Unauthorized Access'}