Patient data stolen in ransomware attack affecting millions of healthcare victims
A company that builds software for hospitals, paramedics and firefighters has suffered a ransomware attack and data breach that may have affected 2.7 million patients in the US.
ESO Solutions announced the breach earlier this week. Apparently this happened in late September 2023, when an unknown threat actor gained access to a corporate machine containing sensitive personal data. The company did not specify how the hackers gained access to the endpoint – whether it was due to social engineering or malware.
ESO Solutions customers include healthcare organizations, clinics and hospitals across the US. The victims include Mississippi Baptist Medical Center, Community Health Systems Merit Health Biloxi, Merit Health River Oaks, ESO EMS Agency, Forrest Health Forrest General Hospital, HCA Healthcare Alaska Regional Hospital, Memorial Hospital at Gulfport Health System and many others.
No abuse yet
These hospitals collected information about their patients and the service they would receive. The data the hackers stole included people's full names, dates of birth, phone numbers, patient accounts and medical record numbers, injury information, diagnoses, treatment types, procedure information and Social Security numbers.
The company notified the FBI and state police of the cyberattack. The customers were notified earlier this month and were offered identity monitoring services through Kroll for 12 months. “At this time we have no evidence that your information has been misused,” the company reportedly told victims in a notification letter.
When a ransomware group steals the data and encrypts the systems, they typically contact the victims and try to negotiate a ransom payment in exchange for the data and the decryption key. However, in this case, no hackers have yet claimed responsibility for the attack.
When negotiations fail, hackers often leak the data online or try to sell it to another threat actor, who can then use it in phishing attacks and the like.
Through BleepingComputer