University of Missouri Health Care

MU Health Care experienced a data breach.

On Sept. 21, an unauthorized person potentially gained access to the emails of some MU students affiliated with the health system.

Those students had created an account using a third party with the same username and password as their MU accounts.

Credentials were then stolen from a third party and used to gain access to the student’s university emails.

The information compromised included names, birthdates, medical record numbers, insurance information, and some treatment information, including types of medication.

Some social security numbers were also compromised for a limited number of patients.

Source: https://www.columbiamissourian.com/news/higher_education/mu-health-care-experienced-data-breach-some-social-security-numbers-compromised/article_44cfbf74-ac24-11ea-b2a6-abdda5987b58.html

TPRM report: https://scoringcyber.rankiteo.com/company/university-of-missouri-health-care

"id": "uni23573123",
"linkid": "university-of-missouri-health-care",
"type": "Breach",
"date": "09/2019",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"

{'affected_entities': [{'industry': 'Healthcare',
                        'name': 'MU Health Care',
                        'type': 'Healthcare Provider'}],
 'attack_vector': 'Stolen Credentials',
 'data_breach': {'personally_identifiable_information': ['Names',
                                                         'Birthdates',
                                                         'Medical Record '
                                                         'Numbers',
                                                         'Social Security '
                                                         'Numbers'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal Information',
                                              'Health Information',
                                              'Social Security Numbers']},
 'date_detected': '2023-09-21',
 'description': 'MU Health Care experienced a data breach where an '
                'unauthorized person potentially gained access to the emails '
                'of some MU students affiliated with the health system. The '
                'information compromised included names, birthdates, medical '
                'record numbers, insurance information, and some treatment '
                'information, including types of medication. Some social '
                'security numbers were also compromised for a limited number '
                'of patients.',
 'impact': {'data_compromised': ['Names',
                                 'Birthdates',
                                 'Medical Record Numbers',
                                 'Insurance Information',
                                 'Treatment Information',
                                 'Types of Medication',
                                 'Social Security Numbers'],
            'systems_affected': 'Email System'},
 'initial_access_broker': {'entry_point': 'Email System'},
 'title': 'MU Health Care Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Reused Passwords'}