Empress EMS Announces Data Breach Leaking the Sensitive Information of 318,558 People – JD Supra

On September 9, 2022, Empress EMS reported a data breach to the U.S. Department of Health and Human Services Office for Civil Rights after the company was the victim of what appears to have been a ransomware attack. According to Empress EMS, the breach resulted in the names, Social Security numbers, dates of service and insurance information of 318,558 patients being compromised. Recently, Empress EMS sent out data breach letters to all affected parties, informing them of the incident and what they can do to protect themselves from identity theft and other frauds.

News of the Empress EMS breach comes from the company's official filing with the U.S. Department of Health and Human Services Office for Civil Rights as well as a notice posted on the company's website. According to these sources, on July 14, 2022, Empress EMS detected a network security incident, apparently when some or all of the company's computer system was encrypted. In response, the company reported the incident to law enforcement, secured its systems, and began working with third-party data security experts to conduct an investigation.

The company's investigation confirmed that an unauthorized party first gained access to the Empress EMS system on May 26, 2022 and subsequently copied files from the network on July 13, 2022.

Upon discovering that sensitive consumer data was accessible to an unauthorized party, Empress EMS then reviewed the affected files to determine what information was compromised and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, the date you received service from Empress EMS, your Social Security number, and your insurance information.

On September 9, 2022, Empress EMS sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident. According to the U.S. Department of Health and Human Services Office for Civil Rights, these letters were sent out to 318,558 people. Empress EMS is offering free credit monitoring to all people impacted by the breach and is recommending they review their healthcare statements for accuracy and contact their provider if they see services they did not receive.

Founded in 1985, Empress EMS is an ambulance services company based in Yonkers, New York. The company provides 911 emergency medical response transportation to Yonkers and neighboring communities. Additionally, Empress EMS has emergency and non-emergency response contracts throughout Westchester County with districts, hospitals, correctional institutions and private care facilities. Empress EMS employs more than 204 people and generates approximately $17 million in annual revenue.

The Empress EMS filing with the U.S. Department of Health and Human Services Office for Civil Rights did not get into too much detail about the nature of the breach. However, the company provided some additional information in a letter posted on the Empress EMS website. There, the company noted that the data breach was caused by "a network incident resulting in the encryption of some of our systems."

Encryption is a process that encodes files, making them inaccessible to anyone without the encryption key (which is usually a password). People encrypt files every day to protect sensitive data from unauthorized access. However, cybercriminals also use encryption when carrying out certain types of cyberattacks, usually ransomware attacks.

A ransomware attack is a type of cyberattack that occurs when a hacker or other bad actor installs malware on a company's computer network. Hackers frequently do this by sending a phishing email to an employee in hopes of getting them to click on a malicious link. Once the employee clicks on the link, it downloads the malware onto their computer. The malware then encrypts the files on the computer and may infect other parts of the network. The hackers then send management a message, demanding that it pay a ransom if it wants access to its network. Once the company pays the ransom, the hackers decrypt their computer, which ends the attack, at least from the company's perspective.

However, more recently hackers have started to threaten to publish any stolen data if a company refuses to pay the ransom. Once on the dark web, cybercriminals can bid on the data, which they can then use to commit identity theft and other frauds. Of course, while companies that are targeted in a ransomware attack are victims in some sense, the real victims of these attacks are the consumers whose information ends up in the hands of those looking to commit fraud.

So, while Empress EMS did not mention the words "ransomware attack" in its communications, because we know it involved the encryption of the company's system, there is a good chance that this was caused by a ransomware attack.

Companies not only have the resources to pay an occasional ransom, but they also have the ability (and responsibility) to implement strong data security systems designed to prevent these attacks in the first place. Victims of a data breach who would like to learn how to reduce the risk of identity theft or learn about their options to hold the company that leaked their information accountable should contact a data breach lawyer as soon as possible.

If you are one of the more than 318,000 people who were affected by the Empress EMS data breach, it is imperative that you understand what is at stake and how you can mitigate these risks. If you or a loved one received services from Empress EMS and have not yet received a letter, you can review a copy of the letter here.
