Sunspire Health

Sunspire Health

Several employee email accounts were accessed in a phishing attack.

A hacker sends emails to individuals under a legitimate employee name and fools one or more recipients into revealing security information about the network.

Compromised includes patient names, dates of birth, Social Security numbers, treatment and diagnosis information, and health insurance information.

There is no evidence the information in the emails has been misused in any way.

Source: https://www.healthdatamanagement.com/articles/sunspire-health-patient-data-at-risk-from-email-breach

TPRM report: https://scoringcyber.rankiteo.com/company/sunspire-health

"id": "sun2349101122",
"linkid": "sunspire-health",
"type": "Breach",
"date": "07/2018",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Healthcare',
                        'type': 'Healthcare Provider'}],
 'attack_vector': 'Email',
 'data_breach': {'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Patient names',
                                              'Dates of birth',
                                              'Social Security numbers',
                                              'Treatment and diagnosis '
                                              'information',
                                              'Health insurance information']},
 'description': 'Several employee email accounts were accessed in a phishing '
                'attack. A hacker sends emails to individuals under a '
                'legitimate employee name and fools one or more recipients '
                'into revealing security information about the network. '
                'Compromised includes patient names, dates of birth, Social '
                'Security numbers, treatment and diagnosis information, and '
                'health insurance information. There is no evidence the '
                'information in the emails has been misused in any way.',
 'impact': {'data_compromised': ['Patient names',
                                 'Dates of birth',
                                 'Social Security numbers',
                                 'Treatment and diagnosis information',
                                 'Health insurance information'],
            'systems_affected': ['Employee email accounts']},
 'initial_access_broker': {'entry_point': 'Phishing Email'},
 'motivation': 'Data Theft',
 'post_incident_analysis': {'root_causes': 'Social Engineering via Phishing '
                                           'Email'},
 'threat_actor': 'Unknown Hacker',
 'title': 'Phishing Attack on Employee Email Accounts',
 'type': 'Phishing Attack',
 'vulnerability_exploited': 'Social Engineering'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.