Exploit: Phishing attack
Borough of Westwood: Regional, not-for-profit healthcare provider
Risk to Small Business: 2.111 = Severe: Three company employees fell victim to a phishing scam that gave hackers access to their email accounts containing patient data. Although the hospital immediately secured the accounts, the easily preventable incident will expose Carle Foundation Hospital to intense regulatory scrutiny and cascading costs related to the breach.
Individual Risk: 2.428 = Severe: The compromised email accounts belonged to three physicians, and they included data from patients that received cardiology or surgery services at Carle. The data includes patient names, medical record numbers, dates of birth, and clinical information. Fortunately, patients’ Social Security numbers and financial data were not included in the breach. However, personal data is a widely accepted currency on the Dark Web, since personally identifiable information(PII) can be used to facilitate additional cybercrimes. Therefore, those impacted by the breach need to closely monitor their accounts for usual activity while being mindful of other malicious uses of that information.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business: Data breaches bring a host of complications to any company, including reputational damage and ancillary recovery costs. Altogether, it can cause significant financial distress to any organization. Neutralizing defensible threats, like phishing scams, is a simple and affordable solution that can play a prominent role in protecting your company's reputation and bottom line.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
