A ransomware attack occurred against ESO Solutions, a significant software provider for emergency services and healthcare.
This incident resulted from unauthorised data access and system encryption across many enterprise platforms.
Depending on the information patients have shared with their healthcare providers using ESO's software, a range of personal data was exposed in the hack. Among the compromised data are: complete names dates of birth Numbers to call Numbers for patient accounts and medical records Details of the injury, diagnosis, treatment, and procedure, and Social Security numbers.
It was established that patient data connected to U.S. hospitals and clinics that ESO serves as a client was compromised.
All notified parties will receive a year of identity monitoring services from Kroll through ESO to assist in reducing risks.
Source: https://heimdalsecurity.com/blog/major-data-breach-at-eso-solutions-affects-2-7-million-patients/
TPRM report: https://scoringcyber.rankiteo.com/company/manatee-memorial-hospital
"id": "man8325124",
"linkid": "manatee-memorial-hospital",
"type": "Ransomware",
"date": "10/2023",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'U.S. hospitals and clinics',
'industry': 'Healthcare and Emergency Services',
'name': 'ESO Solutions',
'type': 'Software Provider'}],
'attack_vector': 'Unauthorized data access and system encryption',
'data_breach': {'personally_identifiable_information': ['Complete names',
'Dates of birth',
'Phone numbers',
'Patient account '
'numbers',
'Medical records',
'Details of the '
'injury',
'Diagnosis',
'Treatment',
'Procedure',
'Social Security '
'numbers'],
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal data', 'Medical data']},
'description': 'A ransomware attack occurred against ESO Solutions, a '
'significant software provider for emergency services and '
'healthcare. This incident resulted from unauthorized data '
'access and system encryption across many enterprise '
'platforms. Depending on the information patients have shared '
"with their healthcare providers using ESO's software, a range "
'of personal data was exposed in the hack. Among the '
'compromised data are: complete names, dates of birth, phone '
'numbers, patient account numbers, medical records, details of '
'the injury, diagnosis, treatment, and procedure, and Social '
'Security numbers. It was established that patient data '
'connected to U.S. hospitals and clinics that ESO serves as a '
'client was compromised. All notified parties will receive a '
'year of identity monitoring services from Kroll through ESO '
'to assist in reducing risks.',
'impact': {'data_compromised': ['Complete names',
'Dates of birth',
'Phone numbers',
'Patient account numbers',
'Medical records',
'Details of the injury',
'Diagnosis',
'Treatment',
'Procedure',
'Social Security numbers'],
'systems_affected': 'Enterprise platforms'},
'response': {'enhanced_monitoring': 'One year of identity monitoring services '
'from Kroll',
'third_party_assistance': 'Kroll'},
'title': 'Ransomware Attack on ESO Solutions',
'type': 'Ransomware Attack'}