A ransomware attack on emergency medical services (EMS) software provider ESO has endangered the sensitive details of millions, including their healthcare data.
Attackers targeted ESO in late September after some of the company’s computer systems were encrypted, the healthcare software provider said in breach notification to victims.
According to the company, once it identified the breach, impacted systems were shut down, and third-party forensic specialists were summoned to assist with the cyberattack.
“ESO was ultimately able to confirm the security of its systems and safely restore its systems and operations via viable backups,” the company said.
However, one of the impacted systems held data belonging to patients associated with ESO’s customers. According to the notification, attackers may have accessed:
- Dates of birth
- Injury types
- Injury dates
- Treatment dates
- Treatment types
- Social Security numbers (SSNs)
ESO added that SSNs were exposed only in some cases.
Individual healthcare data can be sold for hundreds of dollars on dark web forums. For example, malicious actors can use medical details for medical identity theft, a type of fraud where threat actors use stolen information to submit forged claims to Medicare and other health insurers.
Meanwhile, other personally identifiable information (PII) may be used to commit fraud, from identity theft and phishing attacks to opening new credit accounts, making unauthorized purchases, or obtaining loans under false pretenses.
ESO will provide impacted individuals with complementary identity theft monitoring services for 24 months.
More from Cybernews:
Subscribe to our newsletter