Exploit: Insider Threat (Employee Error)
UofL Health: Healthcare System
Risk to Business: 1.575 = Severe
Kentucky-based UofL Health has notified more than 40,000 patients of an employee blunder that resulted in their personal health information being emailed to the wrong address. In this case, a UofL employee accidentally sent personal health information from UofL patients to an email address outside of the health system’s network. According to UofL, the accidental recipient of the data did not view or access any patient information.
Risk to Business: 1.502 = Severe
Patients whose data was impacted by the incident have been offered free identity protection services. No specifics about what exact data was accessed have been released beyond personal health information.
Customers Impacted: 40,000
How it Could Affect Your Customers’ Business Employee errors that impact compliance in a heavily regulated industry pack a punch after regulators get to work.
Source: InfoSecurity Magazine