The California Office of the Attorney General reported that UC Davis Health experienced a data breach on May 24, 2023, where an unauthorized individual accessed an employee's work email account. The exposed information may have included patients' names and health information, but not credit card or PIN numbers. The number of individuals affected is unknown.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-570834
TPRM report: https://www.rankiteo.com/company/ucdavishealth
"id": "ucd334072625",
"linkid": "ucdavishealth",
"type": "Breach",
"date": "5/2023",
"severity": "60",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Healthcare',
'location': 'California',
'name': 'UC Davis Health',
'type': 'Healthcare'}],
'attack_vector': 'Email Account Compromise',
'data_breach': {'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ["Patients' names",
'Health information']},
'date_detected': '2023-05-24',
'description': 'The California Office of the Attorney General reported that '
'UC Davis Health experienced a data breach on May 24, 2023, '
"where an employee's work email account was accessed by an "
'unauthorized individual. Although specific details on the '
'number of individuals affected are UNKN, the exposed '
"information may have included patients' names and health "
'information, but not credit card or PIN numbers.',
'impact': {'data_compromised': ["Patients' names", 'Health information']},
'initial_access_broker': {'entry_point': 'Email Account'},
'references': [{'source': 'California Office of the Attorney General'}],
'threat_actor': 'Unauthorized Individual',
'title': 'UC Davis Health Data Breach',
'type': 'Data Breach'}