A significant cybersecurity incident at Esse Health has compromised the personal and health information of approximately 263,000 patients. The breach involved unauthorized access to the healthcare provider's computer systems, where cybercriminals successfully infiltrated the network and gained the ability to view and copy sensitive patient files. The compromised data included names, addresses, dates of birth, health insurance information, medical record numbers, patient account numbers, and specific health information such as vaccination records. The attackers exploited vulnerabilities in the network infrastructure and employed sophisticated techniques to navigate through the network and identify valuable data repositories.
Source: https://cybersecuritynews.com/esse-health-data-breach-exposes-263000-patients/
TPRM report: https://scoringcyber.rankiteo.com/company/esse-health
"id": "ess401070325",
"linkid": "esse-health",
"type": "Breach",
"date": "7/2025",
"severity": "100",
"impact": "",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'customers_affected': 263000,
'industry': 'Healthcare',
'location': 'Missouri',
'name': 'Esse Health',
'type': 'Healthcare Provider'}],
'attack_vector': 'Network Infrastructure Vulnerabilities',
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': 263000,
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Addresses',
'Dates of birth',
'Health insurance information',
'Medical record numbers',
'Patient account numbers',
'Health information including '
'vaccination records']},
'date_detected': '2025-04-21',
'description': 'A significant cybersecurity incident at Esse Health has '
'compromised the personal and health information of '
'approximately 263,000 patients, marking one of the most '
'substantial healthcare data breaches of 2025.',
'impact': {'data_compromised': ['Names',
'Addresses',
'Dates of birth',
'Health insurance information',
'Medical record numbers',
'Patient account numbers',
'Health information including vaccination '
'records']},
'initial_access_broker': {'entry_point': 'Network Infrastructure '
'Vulnerabilities',
'high_value_targets': 'Patient information'},
'investigation_status': 'Ongoing',
'motivation': 'Data Exfiltration',
'post_incident_analysis': {'root_causes': ['Spear-phishing campaigns',
'Unpatched vulnerabilities in '
'internet-facing applications']},
'references': [{'source': 'ANY.RUN'}],
'regulatory_compliance': {'regulations_violated': 'HIPAA',
'regulatory_notifications': 'Yes'},
'response': {'containment_measures': 'System isolation',
'incident_response_plan_activated': 'Yes',
'law_enforcement_notified': 'Yes',
'recovery_measures': 'Complimentary identity protection services',
'remediation_measures': 'Enhanced security measures',
'third_party_assistance': 'Cybersecurity and forensic '
'specialists'},
'title': 'Esse Health Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': ['Spear-phishing campaigns',
'Unpatched vulnerabilities in internet-facing '
'applications']}