The California Attorney General reported on March 22, 2019, that Verity Medical Foundation experienced a data breach on January 16, 2019, when an employee's Microsoft 365 email account was compromised. The breach potentially exposed personal health information, including names, dates of birth, and medical details, affecting an unspecified number of individuals.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-145668
TPRM report: https://www.rankiteo.com/company/verity_health_system
"id": "ver140072625",
"linkid": "verity_health_system",
"type": "Breach",
"date": "1/2019",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Unspecified number of '
'individuals',
'industry': 'Healthcare',
'location': 'California',
'name': 'Verity Medical Foundation',
'type': 'Healthcare'}],
'attack_vector': 'Compromised Email Account',
'data_breach': {'number_of_records_exposed': 'Unspecified',
'personally_identifiable_information': ['Names',
'Dates of Birth'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal Health Information']},
'date_detected': '2019-01-16',
'date_publicly_disclosed': '2019-03-22',
'description': "An employee's Microsoft 365 email account was compromised, "
'potentially exposing personal health information including '
'names, dates of birth, and medical details.',
'impact': {'data_compromised': ['Names', 'Dates of Birth', 'Medical Details'],
'systems_affected': ['Microsoft 365 Email Account']},
'initial_access_broker': {'entry_point': 'Email Account Compromise'},
'references': [{'date_accessed': '2019-03-22',
'source': 'California Attorney General'}],
'title': 'Verity Medical Foundation Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Email Account Compromise'}