Breach cyber

University Hospital

Jan 1, 2016 1 min read
University Hospital

The Maine Office of the Attorney General reported that University Hospital experienced an insider wrongdoing incident involving a former employee who accessed patient information without authorization between January 1, 2016, and December 31, 2017. The breach was discovered on August 24, 2021, and affected a total of 9,329 individuals, with 2 residents from Maine specifically. Notification letters were sent to those affected on October 8, 2021, and identity theft protection services were offered for one year through Experian.

Source: https://www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/0d7984b5-411f-4302-a834-ac94bc1e41d7.shtml

TPRM report: https://www.rankiteo.com/company/university-hospitals

"id": "uni333072725",
"linkid": "university-hospitals",
"type": "Breach",
"date": "1/2016",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'customers_affected': 9329,
                        'industry': 'Healthcare',
                        'name': 'University Hospital',
                        'type': 'Healthcare'}],
 'attack_vector': 'Unauthorized Access',
 'customer_advisories': 'Notification Letters',
 'data_breach': {'number_of_records_exposed': 9329,
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Patient Information'},
 'date_detected': '2021-08-24',
 'date_publicly_disclosed': '2021-10-08',
 'description': 'A former employee accessed patient information without '
                'authorization between January 1, 2016, and December 31, 2017. '
                'The breach was discovered on August 24, 2021, affecting 9,329 '
                'individuals, including 2 residents from Maine.',
 'impact': {'data_compromised': 'Patient Information',
            'identity_theft_risk': 'High'},
 'post_incident_analysis': {'corrective_actions': 'Identity Theft Protection '
                                                  'Services',
                            'root_causes': 'Insider Threat'},
 'references': [{'source': 'Maine Office of the Attorney General'}],
 'response': {'communication_strategy': 'Notification Letters',
              'remediation_measures': 'Identity Theft Protection Services',
              'third_party_assistance': 'Experian'},
 'threat_actor': 'Former Employee',
 'title': 'Unauthorized Access to Patient Information at University Hospital',
 'type': 'Insider Wrongdoing',
 'vulnerability_exploited': 'Insider Threat'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.