US Beacon Health System 2015 Social Engineering (Q9300)
From Open Risk Data
A data breach risk event
Language | Label | Description | Also known as |
---|---|---|---|
English |
US Beacon Health System 2015 Social Engineering
|
A data breach risk event
|
Statements
07A7B93B-12E5-43E3-BCBF-62DC53B85C5A
January 2015
0 references
Although there is no evidence of any actual or attempted misuse of personal or protected health information belonging to Beacon Health System (Beacon) patients, Beacon is notifying the media and affected patients that it was the subject of a sophisticated phishing attack, and that unauthorized individuals gained access to Beacon employee email boxes, which contained the personal and protected health information of some individuals, including patients. Beacon discovered that it had been the target of a sophisticated cyber attack. On March 25, 2015, during the investigation of this attack, Beacon discovered unauthorized access to email boxes of some of its employees, which potentially contained information on patients. Certain email boxes were accessed beginning as early as November 2013, a (English)
1 reference