Stormont Vail’s internal vaccine scheduling site suffered a data security breach after an unauthorized party got its access.
An employee(s) shared the online vaccine scheduling program with people outside of Stormont Vail that caused the breach.
Stormont disabled the link immediately and their team reviewed the scheduled appointments.
Source: https://www.databreaches.net/unauthorized-access-of-stormont-vails-internal-vaccine-scheduling-site/
TPRM report: https://scoringcyber.rankiteo.com/company/stormont-vail-healthcare
"id": "sto225424522",
"linkid": "stormont-vail-healthcare",
"type": "Breach",
"date": "01/2022",
"severity": "80",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Healthcare',
'name': 'Stormont Vail',
'type': 'Healthcare Organization'}],
'attack_vector': 'Unauthorized Access',
'description': 'Stormont Vail’s internal vaccine scheduling site suffered a '
'data security breach after an unauthorized party got its '
'access. An employee(s) shared the online vaccine scheduling '
'program with people outside of Stormont Vail that caused the '
'breach. Stormont disabled the link immediately and their team '
'reviewed the scheduled appointments.',
'impact': {'systems_affected': 'Online Vaccine Scheduling Program'},
'initial_access_broker': {'entry_point': 'Online Vaccine Scheduling Program'},
'post_incident_analysis': {'root_causes': 'Employee(s) sharing sensitive '
'information'},
'response': {'containment_measures': 'Disabled the link immediately',
'recovery_measures': 'Reviewed the scheduled appointments'},
'threat_actor': 'Unauthorized Party',
'title': 'Stormont Vail Vaccine Scheduling Site Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Employee Sharing Sensitive Information'}