On March 17, 2020, the California Office of the Attorney General reported a data breach involving Tandem Diabetes Care. The breach occurred between January 17, 2020, and January 20, 2020, and involved unauthorized access to employee email accounts through a phishing incident. This potentially affected the personal information of 438 individuals in Rhode Island, including names, contact information, Social Security numbers, and clinical data.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-188367
TPRM report: https://www.rankiteo.com/company/tandemdiabetes
"id": "tan628072525",
"linkid": "tandemdiabetes",
"type": "Breach",
"date": "1/2020",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'customers_affected': 438,
'industry': 'Healthcare',
'location': 'Rhode Island',
'name': 'Tandem Diabetes Care',
'type': 'Company'}],
'attack_vector': 'Phishing',
'data_breach': {'number_of_records_exposed': 438,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['names',
'contact information',
'Social Security numbers',
'clinical data']},
'date_detected': '2020-01-17',
'date_publicly_disclosed': '2020-03-17',
'description': 'Unauthorized access to employee email accounts through a '
'phishing incident, potentially affecting personal information '
'of individuals, including names, contact information, Social '
'Security numbers, and clinical data.',
'impact': {'data_compromised': ['names',
'contact information',
'Social Security numbers',
'clinical data']},
'initial_access_broker': {'entry_point': 'Phishing Email'},
'post_incident_analysis': {'root_causes': 'Phishing Email'},
'references': [{'date_accessed': '2020-03-17',
'source': 'California Office of the Attorney General'}],
'title': 'Tandem Diabetes Care Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Human Error'}