Christie Clinic

Christie Clinic operates within the healthcare sector, providing medical services to patients. Based in the United States, its primary activities involve delivering patient care, which inherently involves handling sensitive personal health information and personally identifiable data. The organization manages significant volumes of confidential patient records as part of its clinical operations and administrative functions.

The clinic experienced a significant cybersecurity incident involving unauthorized email account access. On July 14, 2021, an unauthorized actor breached a single Christie Clinic email account. This breach was specifically aimed at intercepting a business transaction. Due to the nature of the compromised account and the data typically processed through email communications, the incident potentially exposed sensitive patient information. This potentially compromised data included patient names, Social Security numbers, medical information, and physical addresses. Christie Clinic's investigation could not conclusively determine the full extent of the data accessed or exfiltrated by the attacker during this email security breach. As a precautionary measure acknowledging the potential risk to individuals, Christie Clinic proactively notified all patients and other individuals who might have been impacted by this unauthorized access event.