The California Office of the Attorney General reported a data breach involving Kaiser Permanente Northern California on July 12, 2016. The breach occurred when two employees stole ultrasound machines, some of which contained protected health information (PHI). The specific number of affected individuals is unknown, as well as detailed types of information involved, though it did not include social security numbers.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-62796
TPRM report: https://www.rankiteo.com/company/the-permanente-medical-group-inc.
"id": "the554072725",
"linkid": "the-permanente-medical-group-inc.",
"type": "Breach",
"date": "6/2010",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Healthcare',
'location': 'California',
'name': 'Kaiser Permanente Northern California',
'type': 'Healthcare Provider'}],
'attack_vector': 'Insider Threat',
'data_breach': {'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Protected Health Information '
'(PHI)'},
'date_detected': '2016-07-12',
'date_publicly_disclosed': '2016-07-12',
'description': 'The California Office of the Attorney General reported a data '
'breach involving Kaiser Permanente Northern California on '
'July 12, 2016. The breach occurred when two employees stole '
'ultrasound machines, some of which contained protected health '
'information (PHI). The specific number of affected '
'individuals is unknown, as well as detailed types of '
'information involved, though it did not include social '
'security numbers.',
'impact': {'data_compromised': 'Protected Health Information (PHI)',
'systems_affected': 'Ultrasound Machines'},
'motivation': 'Unknown',
'references': [{'date_accessed': '2016-07-12',
'source': 'California Office of the Attorney General'}],
'threat_actor': 'Employees',
'title': 'Kaiser Permanente Northern California Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Physical Theft'}