Exploit: Phishing scam
Wisconsin Diagnostic Laboratories: Healthcare provider offering primary and specialty health services
Risk to Small Business: 1.666 = Severe: An unauthorized third party compromised an employee’s email account, which included patient information. Hackers had access to the account between June 11th and June 18th, but it’s unclear if the patient data was viewed. Artesia General Hospital is prioritizing staffing training about suspicious emails, but a reactive response will not restore the exposed patient data or lessen impending fines that almost always follow a healthcare-related breach.
Individual Risk: 2.285 = Severe: Patient data was exposed in the breach, including names, dates of birth, medical record or account numbers, health insurance information, and treatment information. In addition, some patients had their Social Security numbers compromised. Personally identifiable information has an established market online, and it can be difficult to prevent its distribution once accessed. Those impacted by the breach should be especially mindful of unusual communications or account activity, as those can be indications of data misuse.
Customers Impacted: 13,905
How it Could Affect Your Customers’ Business: Working with third-party vendors is an inevitability for most companies, but such partnerships can manufacture additional cybersecurity vulnerabilities that need to be addressed. For businesses looking to avoid a data debacle, evaluating security standards should be a prerequisite to any professional partnership involving the exchange of sensitive data.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
