Vitra Health, Inc.

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Vitra Health, Inc., a Massachusetts-based company, experienced a cybersecurity incident due to a phishing attack that occurred on December 6, 2022, and was discovered on December 8, 2022. The breach involved the compromise of an employee’s email account, leading to unauthorized access. Vitra Health took immediate steps to contain the incident by disabling the compromised email account, changing all credentials for the affected user, and confirming that no other emails were jeopardized. The company also initiated an internal investigation and engaged a consultant to perform a forensic investigation of the compromise.

Upon reviewing approximately 110,000 email messages and manually inspecting over 18,000 images and 1,600 PDFs, Vitra Health identified 17 items containing personal information as defined under state data privacy law. The compromised personal information included names, addresses, driver’s license numbers, and social security numbers

Breach Submission Date Feb 06, 2023
Converted Entity Name Vitra Health, Inc.
Converted Entity Type Healthcare Provider
State MA
Individuals Affected 1,618
Breach Type Hacking/IT Incident

Breach Information Location Email

Business Associate Present Yes