The California Office of the Attorney General reported a data breach involving Verity Medical Foundation that occurred on November 28, 2018. The breach involved unauthorized access to an employee's Microsoft 365 web email account, potentially compromising names, dates of birth, social security numbers, phone numbers, and addresses of affected individuals. The breach was reported on January 28, 2019.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-144154
TPRM report: https://www.rankiteo.com/company/verity_health_system
"id": "ver505072625",
"linkid": "verity_health_system",
"type": "Breach",
"date": "11/2018",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Healthcare',
'location': 'California',
'name': 'Verity Medical Foundation',
'type': 'Healthcare'}],
'attack_vector': 'Unauthorized Access',
'data_breach': {'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal Information']},
'date_detected': '2018-11-28',
'date_publicly_disclosed': '2019-01-28',
'description': "Unauthorized access to an employee's Microsoft 365 web email "
'account, potentially compromising personal information of '
'affected individuals.',
'impact': {'data_compromised': ['Names',
'Dates of Birth',
'Social Security Numbers',
'Phone Numbers',
'Addresses'],
'systems_affected': ['Microsoft 365 Web Email Account']},
'initial_access_broker': {'entry_point': 'Compromised Email Account'},
'references': [{'source': 'California Office of the Attorney General'}],
'title': 'Verity Medical Foundation Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Compromised Email Account'}