Dec 3, 2021 10:47:06 AM
.jpg?width=200&height=78&name=CH%20Diligence%20(thicker%20line).jpg "CH Diligence (thicker line)")
Dec 3, 2021 10:47:06 AM
The Target: Huntington Hospital, a New York based medical center.
The Take: Exposure of 13,000 records of Personally Identifiable Information including: name, date-of-birth, phone number, addresses, internal account number, medical record number, diagnoses, and other treatment information.
The Vector: An employee improperly accessed this information without clearance and was not prevented from viewing this data based upon their level of access and role within the firm, exposing the data.
This breach highlights the important concept of Least-Privilege when it comes to system access and authorization. Employees should only have access to the minimum amount of information and privileges they need to do their role. Ensuring this process is applied at all levels of access across a firm is a key component to maintaining a robust Cybersecurity posture.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montréal
1080 Côte du Beaver Hall, Suite 904
Montréal, QC
Canada, H2Z 1S8
+1-450-465-8880
Abu Dhabi
Floor No. 15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy