Exploit: Phishing
Oaklawn Hospital: Medical Care Provider
Risk to Business: 2.126 = Severe Multiple successful phishing forays at Michigan’s Oaklawn Hospital netted a wealth of information for cybercriminals. After gaining access to several employee email accounts, cybercriminals were able to exfiltrate patient data. The attack is believed to have occurred in April 2020 but was just disclosed in a filing.
Individual Risk: 1.811 = Severe Patient information exposed as a result of the incident included names, passwords, dates of birth, addresses, phone numbers, medical and health insurance numbers, Social Security numbers, financial account information, and driver’s license numbers. Impacted patients should be alert to potential phishing and fraud attempts.
Customers Impacted: 26,861
How it Could Affect Your Customers’ Business: Not only does a data breach leave a huge mess of expensive cleanup behind, in many industries like healthcare, a data breach can also mean your organization will be paying big regulatory penalties and fines too.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
