The California Office of the Attorney General reported that UC San Diego Health experienced a data breach due to a phishing attack, which occurred between January 9 and January 22, 2024. The breach involved unauthorized access to employee email accounts, potentially exposing personal information such as names and Social Security numbers, affecting an unspecified number of individuals. The breach was reported on March 8, 2024.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-582207
TPRM report: https://www.rankiteo.com/company/ucsdhealth
"id": "ucs108072625",
"linkid": "ucsdhealth",
"type": "Breach",
"date": "1/2024",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Healthcare',
'location': 'San Diego, California',
'name': 'UC San Diego Health',
'type': 'Healthcare'}],
'attack_vector': 'Phishing',
'data_breach': {'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Social Security numbers']},
'date_detected': '2024-03-08',
'date_publicly_disclosed': '2024-03-08',
'description': 'The California Office of the Attorney General reported that '
'UC San Diego Health experienced a data breach due to a '
'phishing attack, which occurred between January 9 and January '
'22, 2024. The breach involved unauthorized access to employee '
'email accounts, potentially exposing personal information '
'such as names and Social Security numbers, affecting an '
'unspecified number of individuals. The breach was reported on '
'March 8, 2024.',
'impact': {'data_compromised': ['Names', 'Social Security numbers'],
'systems_affected': ['Employee email accounts']},
'initial_access_broker': {'entry_point': 'Phishing email'},
'references': [{'date_accessed': '2024-03-08',
'source': 'California Office of the Attorney General'}],
'title': 'UC San Diego Health Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Human'}