University of Arkansas

University of Arkansas

University of Arkansas suffered a data breach incident after a former employee sent emails from her official email to her personal account with patient information.

The mail contained Excel spreadsheets hospital account numbers, dates of service, insurance type, claim information for billing purposes and medical record numbers and other personal information of about 518 patients.

Source: https://www.databreaches.net/university-of-arkansas-for-medical-sciences-notifying-518-patients-after-employee-emailed-phi-to-her-personal-gmail-account/

TPRM report: https://scoringcyber.rankiteo.com/company/university-of-arkansas

"id": "uni234718422",
"linkid": "university-of-arkansas",
"type": "Breach",
"date": "01/2022",
"severity": "80",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 518,
                        'industry': 'Education',
                        'name': 'University of Arkansas',
                        'type': 'University'}],
 'attack_vector': 'Email',
 'data_breach': {'data_exfiltration': 'Yes',
                 'file_types_exposed': 'Excel spreadsheets',
                 'number_of_records_exposed': 518,
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Hospital account numbers',
                                              'Dates of service',
                                              'Insurance type',
                                              'Claim information for billing '
                                              'purposes',
                                              'Medical record numbers',
                                              'Other personal information']},
 'description': 'A former employee sent emails from her official email to her '
                'personal account containing patient information.',
 'impact': {'data_compromised': ['Hospital account numbers',
                                 'Dates of service',
                                 'Insurance type',
                                 'Claim information for billing purposes',
                                 'Medical record numbers',
                                 'Other personal information']},
 'threat_actor': 'Former Employee',
 'title': 'University of Arkansas Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Insider Threat'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.