UC Health’s privacy office was notified that a Drake hospital employee had accessed medical records without authorization exposing 4,721 patients' records.
The exposed information includes patients’ names, addresses, dates of birth, medical record numbers, diagnosis/condition, lab results, and treatment, and medication information, according to UC Health.
The patients’ full Social Security numbers were not included with the information.
TPRM report: https://scoringcyber.rankiteo.com/company/uc-health
"id": "uch185081122",
"linkid": "uc-health",
"type": "Data Leak",
"date": "08/2017",
"severity": "60",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 4721,
'industry': 'Healthcare',
'name': 'UC Health',
'type': 'Healthcare Provider'}],
'attack_vector': 'Insider Threat',
'data_breach': {'number_of_records_exposed': 4721,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['names',
'addresses',
'dates of birth',
'medical record numbers',
'diagnosis/condition',
'lab results',
'treatment information',
'medication information']},
'description': 'UC Health’s privacy office was notified that a Drake hospital '
'employee had accessed medical records without authorization '
"exposing 4,721 patients' records. The exposed information "
'includes patients’ names, addresses, dates of birth, medical '
'record numbers, diagnosis/condition, lab results, and '
'treatment, and medication information, according to UC '
'Health. The patients’ full Social Security numbers were not '
'included with the information.',
'impact': {'data_compromised': ['names',
'addresses',
'dates of birth',
'medical record numbers',
'diagnosis/condition',
'lab results',
'treatment information',
'medication information']},
'threat_actor': 'Drake Hospital Employee',
'title': 'Unauthorized Access to Medical Records at UC Health',
'type': 'Data Breach',
'vulnerability_exploited': 'Unauthorized Access'}