The University of Vermont Medical Center

The University of Vermont Medical Center suffered from a phishing incident in May 22 after an unauthorised third party got access to an employee's email account.

2300 UVM Medical Centre patients were impacted by this occurrence.

An email in the account was found to have patient information, including possible patient names, addresses, dates of birth, medical record numbers, and clinical details including diagnoses, treatments, doctors' names, and prescriptions.

The email account did not contain the patients' social security numbers or financial details such as bank account or credit card numbers.

They started an investigation and swiftly terminated the employee's email account.

Source: https://www.databreaches.net/university-of-vermont-medical-center-notifies-2300-patients-of-phishing-incident/

"id": "THE1159261022",
"linkid": "university-of-vermont-medical-center",
"type": "Data Leak",
"date": "05/2017",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"