Analysis of Threats to the Organization IT system case study: BENEFIT RECOVERY SPECIALISTS: 274,837 PATIENTS A hacker obtained the credentials of a Benefit Recovery Specialists’ employee to gain access to the insurer's systems and deploy malware, breaching the data of 274,837 patients from several providers and payers that use BRSI for billing and collections services. On April 30, BRSI discovered a malware incident on some of its servers and took those systems offline to remove the malicious software. An investigation confirmed a hacker accessed the systems using stolen employee credentials, which allowed the threat actor to either access or acquire some customer files for 10 days between April 20 and April 30. The compromised data included personal information from both current and former members of certain providers or health plans that leverage BRSI and could included dates of birth, provider names, diagnosis codes, policy identification numbers, dates of service and or procedure codes. Social Security numbers may have been affected for a small subset of patients.