ESO Solutions, a data and software provider for emergency responders and healthcare entities, has commenced the notification process for 2.7 million individuals affected by a ransomware attack.
The breach, which unfolded on September 28, compelled ESO to shut down systems temporarily to curb the incident's reach.
Although the attackers accessed and encrypted internal systems, ESO said it restored them using backups.
In an incident notice published earlier today, the firm stated an unauthorized third party may have obtained personal data, and they are actively collaborating with federal law enforcement investigations.
Patient information, including names, addresses and health details were compromised, with potential exposure of sensitive information like Social Security numbers.
While the ransomware gang responsible remains unidentified, ESO's statement suggests that the company may have paid to secure the deletion of impacted data.
Infosecurity has reached out to the company to verify these claims.
Regardless, the company notified the Maine Attorney General's Office on December 19 that 2.7 million individuals were affected, with letters mailed out starting December 12.
Over 9500 Tallahassee Memorial HealthCare patients were among those affected.
Collaborating with healthcare providers like Ascension Providence and Manatee Memorial Hospital, ESO is informing patients of the breach.
This Cyber News was published on www.infosecurity-magazine.com. Publication date: Thu, 21 Dec 2023 17:00:54 +0000