Rogue employee blamed for stealing patient information


In July 2017, the healthcare company suffered a data breach of 108,000 customer records caused by a malicious insider.

An employee of its international health insurance division inappropriately copied and removed some customer information. The data taken included names, dates of birth, phone numbers, email addresses and nationalities. Medical data, physical addresses, healthcare histories and financial information were not compromised.

The company was credited with handling the breach notification and incident response process promptly and professionally.

Free consultation

Want to discuss this case? We're offering a FREE 20 minute phone consultation with our analysts to discuss this case and the implications it has for your organisation. Just select the time and date that works for you:


  • Bupa

We've done the analysis so you can make the decisions

When purchasing a minimum of 5 Case Studies
$699.99 if buying less than 5.

  • Detailed cause & effect analysis
  • Lessons learnt catalogued
  • Preventive controls extracted
Add to Cart
Heads up! Want to try before you buy? You can download our FREE demo case study here