On May 15, 2020, an employee with the Organization emailed a draft document containing the personal information at issue to an unintended recipient. The employee mistyped the intended email address and accidentally sent the document to an incorrect email address. The document was not encrypted and the unintended recipient may have accessed the attached document containing the personal information of the client. The Organization confirmed the incorrect email address has a valid user ID (as the employee sender did not receive a rejection notice). The breach was discovered the same day.

File Type: pdf
File Size: 606 KB
Categories: 2021