Riverview Health accidentally sent letters to 2,600 patients, containing intermixed patient information
Exploit: Accidental data sharing.
Riverview Health: Healthcare provider.
Risk to Small Business: 2.333 = Severe: On January 14, 2020, an employee inadvertently sent notification letters that intermixed patients’ names and addresses. The messages were delivered to the appropriate addresses, but they included the incorrect patient name. In today’s digital landscape, even small clerical errors can have significant consequences as both customers and regulators look to punish companies that fail to secure personal information.
Individual Risk: 2.714 = Moderate Patients’ names and addresses were compromised in the breach. Riverview Health maintains that the risk of data misuse is very low, but victims should still be aware that this information can be used for nefarious purposes and take precautions to ensure that their information is secure.
Customers Impacted: 2,610
How it Could Affect Your Customers’ Business: The biggest threat to your data isn’t cybercriminals, its human error. With customer blowback and regulatory penalties increasing, every organization needs to take steps to mitigate the risk posed by staff mistakes. Implementing protocols and increasing training about the pitfalls presented by phishing attacks and data sharing errors can significantly reduce your organization’s exposure to a data breach.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
