Vitra Health, Inc.
Your Personal Info Could Be
Exposed Online After
This Hospital Breach
Breach Description
Vitra Health, Inc., a Massachusetts-based company, experienced a cybersecurity incident due to a phishing attack that occurred on December 6, 2022, and was discovered on December 8, 2022. The breach involved the compromise of an employee’s email account, leading to unauthorized access. Vitra Health took immediate steps to contain the incident by disabling the compromised email account, changing all credentials for the affected user, and confirming that no other emails were jeopardized. The company also initiated an internal investigation and engaged a consultant to perform a forensic investigation of the compromise.
Upon reviewing approximately 110,000 email messages and manually inspecting over 18,000 images and 1,600 PDFs, Vitra Health identified 17 items containing personal information as defined under state data privacy law. The compromised personal information included names, addresses, driver’s license numbers, and social security numbers