University of North Carolina at Chapel Hill School of Medicine

An unauthorized person may have gained access to the University of North Carolina at Chapel Hill School of Medicine (SOM) faculty member’s email account and breached certain patient's information.

This SOM faculty member provides clinical services at UNC Hospitals and thus was more prone to leak patient information.

The investigation indicated the account contained messages or attachments that included some patient information, including patients’ names, dates of birth, diagnosis, and treatment information related to care patients received from UNC Hospitals.

However, Health insurance information was identified for less than 30 patients and Social Security numbers for less than 10 individuals.

Source: https://www.databreaches.net/nc-university-of-north-carolina-at-chapel-hill-school-of-medicine-and-university-of-north-carolina-hospitals-notifying-some-patients-of-breach/

TPRM report: https://scoringcyber.rankiteo.com/company/university-of-north-carolina-at-chapel-hill-school-of-medicine

"id": "uni141311722",
"linkid": "university-of-north-carolina-at-chapel-hill-school-of-medicine",
"type": "Breach",
"date": "07/2022",
"severity": "80",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'industry': 'Healthcare',
                        'location': 'Chapel Hill, North Carolina',
                        'name': 'University of North Carolina at Chapel Hill '
                                'School of Medicine',
                        'type': 'Educational Institution'}],
 'attack_vector': 'Email Account Compromise',
 'data_breach': {'file_types_exposed': ['Messages', 'Attachments'],
                 'personally_identifiable_information': ['Names',
                                                         'Dates of birth',
                                                         'Social Security '
                                                         'numbers'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ["Patients' names",
                                              'Dates of birth',
                                              'Diagnosis',
                                              'Treatment information',
                                              'Health insurance information',
                                              'Social Security numbers']},
 'description': 'An unauthorized person may have gained access to the '
                'University of North Carolina at Chapel Hill School of '
                'Medicine (SOM) faculty member’s email account and breached '
                "certain patient's information. This SOM faculty member "
                'provides clinical services at UNC Hospitals and thus was more '
                'prone to leak patient information. The investigation '
                'indicated the account contained messages or attachments that '
                'included some patient information, including patients’ names, '
                'dates of birth, diagnosis, and treatment information related '
                'to care patients received from UNC Hospitals. However, health '
                'insurance information was identified for less than 30 '
                'patients and Social Security numbers for less than 10 '
                'individuals.',
 'impact': {'data_compromised': ["Patients' names",
                                 'Dates of birth',
                                 'Diagnosis',
                                 'Treatment information',
                                 'Health insurance information (<30 patients)',
                                 'Social Security numbers (<10 individuals)']},
 'threat_actor': 'Unauthorized Person',
 'title': 'Unauthorized Access to UNC Chapel Hill School of Medicine Faculty '
          'Email',
 'type': 'Data Breach'}