The Tulsa-based EMSA experienced unauthorized access to its network between February 10 and 13, 2024, leading to the potential theft of patients' data. The compromised information generally included names, addresses, dates of birth, service dates, and, in some cases, Social Security numbers. As a result of the cyber incident, EMSA shutdown parts of its IT systems and halted some services, impacting 611,743 individuals. The breach has pushed the organization to improve its cybersecurity measures and offer credit monitoring and identity protection services to affected individuals.
TPRM report: https://scoringcyber.rankiteo.com/company/emergency-medical-services-authority-emsa-
"id": "eme004102224",
"linkid": "emergency-medical-services-authority-emsa-",
"type": "Breach",
"date": "4/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'customers_affected': 611743,
'industry': 'Healthcare',
'location': 'Tulsa, Oklahoma',
'name': 'EMSA',
'type': 'Organization'}],
'attack_vector': 'Unauthorized Access',
'data_breach': {'number_of_records_exposed': 611743,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal Information',
'Social Security Numbers']},
'date_detected': '2024-02-10',
'description': 'EMSA experienced unauthorized access to its network between '
'February 10 and 13, 2024, leading to the potential theft of '
"patients' data.",
'impact': {'data_compromised': ['Names',
'Addresses',
'Dates of Birth',
'Service Dates',
'Social Security Numbers'],
'downtime': True,
'identity_theft_risk': True,
'operational_impact': 'Some services halted',
'systems_affected': 'Parts of IT systems'},
'response': {'containment_measures': 'Shutdown parts of IT systems',
'recovery_measures': 'Offer credit monitoring and identity '
'protection services',
'remediation_measures': 'Improve cybersecurity measures'},
'title': 'EMSA Network Breach',
'type': 'Data Breach'}