In July 2017, the healthcare company suffered a data breach of 108,000 customer records caused by a malicious insider.
An employee of its international health insurance division inappropriately copied and removed some customer information. The data taken included names, dates of birth, phone numbers, email addresses and nationalities. Medical data, physical addresses, healthcare histories and financial information were not compromised.
The company was credited with handling the breach notification and incident response process promptly and professionally.
Want to discuss this case? You can purchase a 30 minute conference call with our analysts to discuss this case and the implications it has for your organisation. Just select the time and date that works for you:
We've done the analysis so you can make the decisions