On January 25, 2019, the California Office of the Attorney General reported that Verity Health System experienced a data breach on November 27, 2018. The breach involved unauthorized access to an employee's Microsoft 365 email account, potentially compromising the health information of individuals, including names, dates of birth, and social security numbers. Approximately UNKN individuals were affected by this incident.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-144152
TPRM report: https://www.rankiteo.com/company/verity_health_system
"id": "ver420080425",
"linkid": "verity_health_system",
"type": "Breach",
"date": "11/2018",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'customers_affected': 'UNKN',
'industry': 'Healthcare',
'location': 'California',
'name': 'Verity Health System',
'type': 'Healthcare Provider'}],
'attack_vector': 'Email Compromise',
'data_breach': {'number_of_records_exposed': 'UNKN',
'personally_identifiable_information': ['Names',
'Dates of Birth',
'Social Security '
'Numbers'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Health Information']},
'date_detected': '2019-01-25',
'date_publicly_disclosed': '2019-01-25',
'description': "Unauthorized access to an employee's Microsoft 365 email "
'account, potentially compromising health information of '
'individuals.',
'impact': {'data_compromised': ['Names',
'Dates of Birth',
'Social Security Numbers'],
'systems_affected': ['Microsoft 365 Email Account']},
'initial_access_broker': {'entry_point': 'Microsoft 365 Email Account'},
'references': [{'date_accessed': '2019-01-25',
'source': 'California Office of the Attorney General'}],
'title': 'Verity Health System Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Unauthorized Access'}