cyber Breach

The Elizabeth Hospice

May 11, 2023 1 min read
The Elizabeth Hospice

The Elizabeth Hospice (TEH), a nonprofit hospice suffered a data breach in October 2022.

One of its former employees had forwarded emails from her business account to her personal email account.

Information like names, dates of admission, patient account numbers, dates of discharge, and basic health information were involved in the incident.

Upon detecting the incident, they moved quickly to initiate a response, which included conducting an investigation to determine the extent of PHI transferred and identify potentially impacted individuals.

Source: https://healthitsecurity.com/news/multicare-notifies-23k-of-third-party-breach

TPRM report: https://scoringcyber.rankiteo.com/company/the-elizabeth-hospice

"id": "the121251222",
"linkid": "the-elizabeth-hospice",
"type": "Breach",
"date": "10/2022",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Healthcare',
                        'name': 'The Elizabeth Hospice',
                        'type': 'Nonprofit Hospice'}],
 'attack_vector': 'Insider Threat',
 'data_breach': {'data_exfiltration': True,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Names',
                                              'Dates of Admission',
                                              'Patient Account Numbers',
                                              'Dates of Discharge',
                                              'Basic Health Information']},
 'date_detected': '2022-10',
 'description': 'A former employee of The Elizabeth Hospice forwarded emails '
                'containing patient information from her business account to '
                'her personal email account.',
 'impact': {'data_compromised': ['Names',
                                 'Dates of Admission',
                                 'Patient Account Numbers',
                                 'Dates of Discharge',
                                 'Basic Health Information']},
 'initial_access_broker': {'entry_point': 'Email Forwarding'},
 'investigation_status': 'In Progress',
 'post_incident_analysis': {'root_causes': 'Unauthorized data transfer by '
                                           'former employee'},
 'response': {'containment_measures': 'Initiated an investigation to determine '
                                      'the extent of PHI transferred and '
                                      'identify potentially impacted '
                                      'individuals.',
              'incident_response_plan_activated': True},
 'threat_actor': 'Former Employee',
 'title': 'Data Breach at The Elizabeth Hospice',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Unauthorized Data Transfer'}
Published by
Harshit Kaur Bhatia
Harshit Kaur Bhatia
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.