Emergency Medical Services Authority (EMSA)

EMSA experienced a cyber intrusion between February 10 and February 13, 2024, leading to unauthorized access to its network. Files containing sensitive patient information were acquired, affecting 611,743 individuals. Compromised data included names, addresses, dates of birth, service dates, as well as primary care providers and social security numbers for some. This breach disrupted EMSA's services, leaving the community temporarily without essential medical support. EMSA is undertaking measures to enhance security and offering credit monitoring and identity protection for affected individuals.

Source: https://www.hcinnovationgroup.com/cybersecurity/data-breaches/news/55001570/security-breach-leaves-patient-data-vulnerable

TPRM report: https://scoringcyber.rankiteo.com/company/state-of-california-emergency-medical-services-authority

"id": "sta446070624",
"linkid": "state-of-california-emergency-medical-services-authority",
"type": "Breach",
"date": "4/2024",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 611743,
                        'industry': 'Healthcare',
                        'name': 'EMSA',
                        'type': 'Organization'}],
 'attack_vector': 'Unauthorized Access',
 'data_breach': {'data_exfiltration': 'Yes',
                 'number_of_records_exposed': 611743,
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['names',
                                              'addresses',
                                              'dates of birth',
                                              'service dates',
                                              'primary care providers',
                                              'social security numbers']},
 'date_detected': '2024-02-10',
 'description': 'EMSA experienced a cyber intrusion between February 10 and '
                'February 13, 2024, leading to unauthorized access to its '
                'network. Files containing sensitive patient information were '
                'acquired, affecting 611,743 individuals. Compromised data '
                'included names, addresses, dates of birth, service dates, as '
                'well as primary care providers and social security numbers '
                "for some. This breach disrupted EMSA's services, leaving the "
                'community temporarily without essential medical support. EMSA '
                'is undertaking measures to enhance security and offering '
                'credit monitoring and identity protection for affected '
                'individuals.',
 'impact': {'data_compromised': ['names',
                                 'addresses',
                                 'dates of birth',
                                 'service dates',
                                 'primary care providers',
                                 'social security numbers'],
            'downtime': 'Temporary disruption of essential medical support'},
 'response': {'remediation_measures': 'Enhancing security measures, offering '
                                      'credit monitoring and identity '
                                      'protection for affected individuals'},
 'title': 'EMSA Cyber Intrusion and Data Breach',
 'type': 'Data Breach'}