ESO Solutions, a provider of software products for healthcare organizations and fire departments, disclosed that data belonging to 2.7 million patients has been compromised as a result of a ransomware attack.
According to the notification, the intrusion occurred on September 28 and resulted in data being exfiltrated before the hackers encrypted a number of company systems.
During the investigation of the incident, ESO Solutions discovered that the attackers accessed one machine that contained sensitive personal data.
The exact types of data exposed vary per individual, depending on the details the patients provided to the healthcare organizations using ESO's software and the care services they received.
The software vendor has informed the FBI and state authorities of the incident.
All impacted customers were notified on December 12, and some of the affected hospitals started sending notices of a breach to their patients in the days that followed.
To mitigate the risk of the data breach, ESO offers 12 months of identity monitoring service coverage through Kroll to all notice recipients.
From what BleepingComputer could find, no ransomware have taken responsibility for the ESO attack.
These supply-chain breaches have become all too common in the healthcare space, impacting patient data safety and threatening the operational and financial stability of medical institutions.
TransForm says ransomware data breach affects 267,000 patients.
Ransomware gang behind threats to Fred Hutch cancer patients.
Norton Healthcare discloses data breach after May ransomware attack.
Ardent hospital ERs disrupted in 6 states after ransomware attack.
Welltok data breach exposes data of 8.5 million US patients.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 20 Dec 2023 16:20:21 +0000