The Open Risk Data functionality of the Open Risk Manual is in still in active development!

US Beacon Health System 2015 Social Engineering (Q9300)

From Open Risk Data
A data breach risk event
Language Label Description Also known as
English
US Beacon Health System 2015 Social Engineering
A data breach risk event

    Statements

    has date
    January 2015
    0 references
    has textual description
    Although there is no evidence of any actual or attempted misuse of personal or protected health information belonging to Beacon Health System (Beacon) patients, Beacon is notifying the media and affected patients that it was the subject of a sophisticated phishing attack, and that unauthorized individuals gained access to Beacon employee email boxes, which contained the personal and protected health information of some individuals, including patients. Beacon discovered that it had been the target of a sophisticated cyber attack. On March 25, 2015, during the investigation of this attack, Beacon discovered unauthorized access to email boxes of some of its employees, which potentially contained information on patients. Certain email boxes were accessed beginning as early as November 2013, a (English)
    1 reference
    is documented in URL
    http://www.elkharttruth.com/living/Health/2015/05/25/Beacon-Health-System-target-of-phishing-security-attack.html
    http://www.healthcareitnews.com/news/hackers-hit-health-system-had-full-year-access-files
    http://www.scmagazine.com/beacon-health-system-notifies-patients-of-possible-data-compromise/article/416853/
    http://www.prnewswire.com/news-releases/beacon-health-provides-notice-of-data-security-event-300088014.html
     

    Sitelinks

                Retrieved from "https://www.openriskmanual.org/data/index.php?title=Item:Q9300&oldid=8290"
                Creative Commons ShareAlike 4.0 International
                Powered by MediaWiki