An employee of UC Irvine Medical Center unethically viewed thousands of patient records over a four-year period.
The incident compromised the personal health information including names, dates of birth, gender, medical record numbers, height, weight, medical center account numbers, allergy information, home address, medical documentation, diagnoses, test orders and results, of 4,859 patients .
The center investigated the incident with the help of external security experts and notifies the affected patients.
Source: https://healthitsecurity.com/news/uc-irvine-health-data-breach-affects-4800-patients
TPRM report: https://scoringcyber.rankiteo.com/company/uc-irvine-medical-center
"id": "uci2241522",
"linkid": "uc-irvine-medical-center",
"type": "Breach",
"date": "03/2015",
"severity": "90",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '4,859 patients',
'industry': 'Healthcare',
'location': 'Irvine, CA',
'name': 'UC Irvine Medical Center',
'type': 'Hospital'}],
'attack_vector': 'Unauthorized Access',
'data_breach': {'number_of_records_exposed': '4,859',
'personally_identifiable_information': ['names',
'dates of birth',
'gender',
'medical record '
'numbers',
'height',
'weight',
'medical center '
'account numbers',
'allergy information',
'home address'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['names',
'dates of birth',
'gender',
'medical record numbers',
'height',
'weight',
'medical center account numbers',
'allergy information',
'home address',
'medical documentation',
'diagnoses',
'test orders and results']},
'description': 'An employee of UC Irvine Medical Center unethically viewed '
'thousands of patient records over a four-year period. The '
'incident compromised the personal health information '
'including names, dates of birth, gender, medical record '
'numbers, height, weight, medical center account numbers, '
'allergy information, home address, medical documentation, '
'diagnoses, test orders and results, of 4,859 patients.',
'impact': {'data_compromised': ['names',
'dates of birth',
'gender',
'medical record numbers',
'height',
'weight',
'medical center account numbers',
'allergy information',
'home address',
'medical documentation',
'diagnoses',
'test orders and results']},
'motivation': 'Unethical Behavior',
'response': {'communication_strategy': 'notifies the affected patients',
'third_party_assistance': 'external security experts'},
'threat_actor': 'Employee',
'title': 'Unauthorized Access to Patient Records at UC Irvine Medical Center',
'type': 'Data Breach',
'vulnerability_exploited': 'Insider Threat'}