The California Office of the Attorney General reported on May 8, 2019, that St. Vincent Medical Center experienced a data breach due to unauthorized access to a physician's email account, initially compromised on March 15, 2019. The breach potentially exposed names, dates of birth, medical record numbers, health plan names, and other health-related information, but not financial account numbers or Social Security numbers. The exact number of individuals affected remains unknown.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-147052
TPRM report: https://www.rankiteo.com/company/st.-vincent-medical-center
"id": "st.732080425",
"linkid": "st.-vincent-medical-center",
"type": "Breach",
"date": "3/2019",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Healthcare',
'location': 'California',
'name': 'St. Vincent Medical Center',
'type': 'Healthcare'}],
'attack_vector': 'Email Compromise',
'data_breach': {'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Dates of Birth',
'Medical Record Numbers',
'Health Plan Names',
'Other Health-Related '
'Information']},
'date_detected': '2019-03-15',
'date_publicly_disclosed': '2019-05-08',
'description': "Unauthorized access to a physician's email account "
'potentially exposed patient information.',
'impact': {'data_compromised': ['Names',
'Dates of Birth',
'Medical Record Numbers',
'Health Plan Names',
'Other Health-Related Information']},
'initial_access_broker': {'entry_point': 'Email Account'},
'references': [{'date_accessed': '2019-05-08',
'source': 'California Office of the Attorney General'}],
'title': 'Data Breach at St. Vincent Medical Center',
'type': 'Data Breach',
'vulnerability_exploited': 'Unauthorized Access'}