Scribd
Upload
329 views2 pages

Lab - Investigate Breaches of PII, PHI, and PCI

Cyber

Uploaded by

azhar716
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
329 views2 pages

Lab - Investigate Breaches of PII, PHI, and PCI

Cyber

Uploaded by

azhar716
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 2

Saad Khaja

9 / 10 / 2024
Lab – Investigate Breaches of PII, PHI, and PCI

Instructions
In this part of the lab, you will research and describe three breaches that have occurred
recently. Include at least one PCI and one PHI. Use the following steps:

a. Launch your favorite web browser and go to your favorite search engine, such as
Google.com.
What key terms will you use to search for recent breaches?
Type your answers here: Recent pci/phi/pii, within 2 years, cyber attacks, health information,
credit card breaches, personal information breaches how to prevent, and causes.
b. Go through the results and find the most interesting breaches that have occurred within the
last 2 years.
c. Choose three different breaches to document in this lab.
d. Describe the breaches in detail. Make sure you answer the following questions:

Breach #1: (PCI)


1) What was the name of the company or organization?
The name of the company that was breached was Slim CD.
2) What was targeted?
The information that was targeted was credit card information (name, address, card number and
expiration) and financial data of 1.7 million people.
3) Who was affected?
The people who were affected are more than 1.7 million credit card owners, their financial
information, name, address card number and expiration dates were leaked.
4) How did the attack occur? Describe the details of what happened.
The attack occurred during August 17 2023 to June 15 2024, during that time it enabled the
hackers to have access to all their systems, and they were able view credit card information, like
name, address, credit number, and expiration date. Around June 15 Slim CD learned that some
suspicious activity was taking place so they launched an investigation and found that they were
hacked, they informed the individuals that were affected.
5) What is the source of your information? Include the URL.
The source of information was from the website Bitdefender, MAlwareBytes labs.
6) What steps could have been taken to prevent the breach?
Steps that could have been taken to prevent the breach could have been to check credit card
transactions, get a new card and cancel the old one, change the password and use a strong
password, and use firewalls and anti-virus software.

Breach #2 (PHI):
1) What was the name of the company or organization?
The organization that was affected is Baptist Health Medical Center Drew County.
2) What was targeted?
The target was Baptist Health Medical Center Drew Count, and the inforation that was targeted
were names, address, birth dates, diagnoses, treatment information/dates, medical records,
provider names of 5,207 patients.
3) Who was affected?
The people who were affected were 5,207 patients from the Baptist Health Medical Center
Drew County, affected by their personal information, such as names, addresses, and medical
status treatments dates/ information and provider names.
4) How did the attack occur? Describe the details of what happened.
The attack occurred from April 22, 2024, to July 8, 2024. An unauthorized third party had access
to their IT networks and may have stolen patient personal data, like names and medical
information.
5) What is the source of your information? Include the URL.
Information found on The HIPPA Journal
6) What steps could have been taken to prevent the breach?
Steps that could have been taken to prevent the breach could have been using srong
passwords, two factor authentication, monitoring network activity, create a response plan.
Breach #3: (PII)
1) What was the name of the company or organization?
The name of the company that was targeted was National public data in Florida.
2) What was targeted?
National public data in Florida was targeted, and the information targeted was people's social
security numbers.
3) Who was affected?
The 2.9 billion people in Florida (living or deceased) were affected, and their records and SSNs
were stolen.
4) How did the attack occur? Describe the details of what happened.
The attack took place from December 2023 to April 2024, a cybercriminal group by the name of
USDoD posted “National Public Data” on the dark web, that they had information of 2.9 billion
people are were selling it for 3.5 million $, unclear how it occurred, but could have been a
beneficiary contract between National Public Data and a third party key.
5) What is the source of your information? Include the URL.
The source of the information came from the Los Angeles times, 8WGAL, Bloomberg Law.

6) What steps could have been taken to prevent the breach?


Some steps that could have been taken to prevent the breach are using strong security, firewals
strong passwords, run regular risk assessments,use cyber tools like wireshark.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy