ESO Solutions, Inc.

ESO Solutions, Inc. suffered a ransomware attack on September 28, 2023, leading to the potential exposure of personal and protected health information (PHI). The breach was formally reported to the California Office of the Attorney General on December 20, 2023. Compromised data may include highly sensitive details such as names, Social Security numbers, and medical treatment records, though the exact number of affected individuals remains undisclosed. The incident poses severe risks, including identity theft, financial fraud, and unauthorized access to medical histories, which could have long-term repercussions for victims. Given the nature of the exposed data particularly health information the breach carries significant legal, reputational, and operational consequences for the company, potentially triggering regulatory penalties under HIPAA and other data protection laws. The use of ransomware further escalates the threat, as attackers may demand payment while retaining or exploiting the stolen data.

Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-578243

TPRM report: https://www.rankiteo.com/company/eso-solutions

"id": "eso1031090725",
"linkid": "eso-solutions",
"type": "Ransomware",
"date": "9/2023",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"

{'affected_entities': [{'customers_affected': 'unknown',
                        'industry': 'healthcare technology',
                        'location': 'California, USA',
                        'name': 'ESO Solutions, Inc.',
                        'type': 'company'}],
 'data_breach': {'number_of_records_exposed': 'unknown',
                 'personally_identifiable_information': ['names',
                                                         'social security '
                                                         'numbers'],
                 'sensitivity_of_data': 'high',
                 'type_of_data_compromised': ['personal information',
                                              'protected health information '
                                              '(PHI)']},
 'date_detected': '2023-09-28',
 'date_publicly_disclosed': '2023-12-20',
 'description': 'The California Office of the Attorney General reported that '
                'ESO Solutions, Inc. experienced a ransomware incident on '
                'September 28, 2023, potentially exposing personal and '
                'protected health information. The breach was reported on '
                'December 20, 2023, and specific types of compromised data may '
                'include names, social security numbers, and medical treatment '
                'information, affecting an unknown number of individuals.',
 'impact': {'data_compromised': ['names',
                                 'social security numbers',
                                 'medical treatment information'],
            'identity_theft_risk': 'high'},
 'references': [{'source': 'California Office of the Attorney General'}],
 'regulatory_compliance': {'regulations_violated': ['HIPAA (potential)'],
                           'regulatory_notifications': ['California Office of '
                                                        'the Attorney '
                                                        'General']},
 'title': 'Ransomware Incident at ESO Solutions, Inc.',
 'type': 'ransomware'}

ESO Solutions, Inc.

ASRock Rack and ASUS: Exclusive: ASRock Rack allegedly breached, data leak could lead to further breaches

McDonald’s India: Cyber Security News ®’s Post

Hyatt Hotels Corporation and Hyatt Place Chelsea: Ransomware gang claims it hacked into Hyatt systems, says it has stolen data for sale