On June 27, 2016, the California Office of the Attorney General disclosed a data breach at SCAN Health Plan, stemming from unauthorized access to sensitive personal information. The incident, which began on March 4, 2016, exposed data belonging to multiple individuals, including names, addresses, phone numbers, dates of birth, and limited health information. While the breach did not involve financial records or extensive medical histories, the exposure of personally identifiable information (PII) and health-related details poses risks such as identity theft, targeted phishing, or fraud. In response, SCAN Health Plan offered one year of free identity protection services to affected individuals to mitigate potential harm. The breach highlights vulnerabilities in safeguarding customer data, particularly in sectors handling healthcare information, where even limited disclosures can have lasting reputational and operational consequences.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-63472
TPRM report: https://www.rankiteo.com/company/thescangroup
"id": "the727082025",
"linkid": "thescangroup",
"type": "Breach",
"date": "3/2016",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Multiple individuals (exact '
'number unspecified)',
'industry': 'Healthcare',
'location': 'California, USA',
'name': 'SCAN Health Plan',
'type': 'Healthcare Provider'}],
'customer_advisories': 'Identity protection services offered for one year to '
'affected individuals',
'data_breach': {'data_exfiltration': 'Likely (unauthorized access confirmed)',
'personally_identifiable_information': ['names',
'addresses',
'phone numbers',
'dates of birth'],
'sensitivity_of_data': 'High (PII and health information)',
'type_of_data_compromised': ['personal information',
'limited health information']},
'date_detected': '2016-06-27',
'date_publicly_disclosed': '2016-06-27',
'description': 'The California Office of the Attorney General reported that '
'SCAN Health Plan experienced a data breach involving '
'unauthorized access to personal information on June 27, 2016. '
'The breach began on March 4, 2016, and may have affected '
'multiple individuals, exposing names, addresses, phone '
'numbers, dates of birth, and limited health information. SCAN '
'Health Plan is providing identity protection services for one '
'year free of charge to affected individuals.',
'impact': {'data_compromised': ['names',
'addresses',
'phone numbers',
'dates of birth',
'limited health information'],
'identity_theft_risk': 'High (identity protection services '
'offered)'},
'references': [{'source': 'California Office of the Attorney General'}],
'regulatory_compliance': {'regulatory_notifications': 'Reported to California '
'Office of the Attorney '
'General'},
'response': {'remediation_measures': 'Identity protection services provided '
'for one year to affected individuals'},
'title': 'SCAN Health Plan Data Breach (2016)',
'type': 'Data Breach'}