On May 2, 2016, Saint Agnes Medical Center fell victim to a **Business Email Compromise (BEC) attack**, leading to a significant **data breach** that exposed sensitive employee information. The incident compromised **W-2 tax forms** of **2,812 employees**, including highly confidential details such as **names, home addresses, salaries, tax withholding data, and Social Security Numbers (SSNs)**. The breach stemmed from a targeted phishing scam, where attackers impersonated a legitimate entity to deceive employees into disclosing payroll-related credentials or redirecting sensitive data. Such exposures pose severe risks, including **identity theft, financial fraud, and long-term reputational harm** to both the affected individuals and the organization. The breach underscored vulnerabilities in email security protocols and the critical need for robust **employee training, multi-factor authentication (MFA), and fraud detection mechanisms** to mitigate similar threats in healthcare institutions, where safeguarding personnel data is paramount.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-61673
TPRM report: https://www.rankiteo.com/company/st.-agnes-hospital
{
  "id": "st.024091825",
  "linkid": "st.-agnes-hospital",
  "type": "Breach",
  "date": "5/2016",
  "severity": "60",
  "impact": "3",
  "explanation": "Attack with significant impact with internal employee data leaks"
}
{
    'affected_entities': [
        {
            'customers_affected': '2,812 (employees)',
            'industry': 'Healthcare',
            'location': 'California, USA',
            'name': 'Saint Agnes Medical Center',
            'type': 'Healthcare Provider',
        }
    ],
    'attack_vector': 'Business Email Compromise (BEC)',
    'data_breach': {
        'data_exfiltration': 'Yes',
        'file_types_exposed': ['W-2 forms'],
        'number_of_records_exposed': '2,812',
        'personally_identifiable_information': [
            'Names',
            'Addresses',
            'Salaries',
            'Withholding Information',
            'Social Security Numbers',
        ],
        'sensitivity_of_data': 'High',
        'type_of_data_compromised': [
            'Personally Identifiable Information (PII)',
            'Tax/Financial Data',
        ],
    },
    'date_detected': '2016-05-02',
    'description': 'The California Office of the Attorney General reported that Saint Agnes Medical Center experienced a data breach on May 2, 2016, affecting 2,812 employees. The breach resulted from a Business Email Compromise (BEC) attack that compromised W-2 data, including names, addresses, salaries, withholding information, and Social Security Numbers.',
    'impact': {
        'data_compromised': [
            'W-2 data (names, addresses, salaries, withholding information, Social Security Numbers)',
        ],
        'identity_theft_risk': 'High (SSNs compromised)',
    },
    'initial_access_broker': {'high_value_targets': ['Employee W-2 data']},
    'references': [{'source': 'California Office of the Attorney General'}],
    'regulatory_compliance': {
        'regulatory_notifications': ['California Office of the Attorney General'],
    },
    'title': 'Saint Agnes Medical Center Data Breach (2016)',
    'type': 'Data Breach',
}