On May 4, 2018, the Organization sent an email to an insurance company’s general email address with the intent of submitting an invoice for a client. On July 31, 2018, the Organization discovered that the document attached to the email was about another client. The incident was discovered when an employee of the insurance company investigated the Organization?s request for information about payment of an invoice. The situation became more complex when the insurance company employee copied the information at issue to another insurance company employee who was working with a different client. The first email (on May 4, 2018) was not encrypted. The second email was password protected and may have been encrypted.

File Type: pdf
File Size: 342 KB
Categories: 2018