Security News > 2022 > September > New York ambulance service discloses data breach after ransomware attack
Empress EMS, a New York-based emergency response and ambulance service provider, has disclosed a data breach that exposed customer information.
According to the notification, the company suffered a ransomware attack on July 14, 2022.
"Some of these files contained patient names, dates of service, insurance information, and in some instances, Social Security numbers," reads the disclosure from Empress EMS. "Empress EMS is mailing letters to affected individuals and offering eligible individuals credit monitoring services," the company announced.
The details of the attack describe a standard double-extortion ransomware incident where cybercriminals steal files, encrypt systems, and then threaten the victim to publish the data unless a ransom is paid.
BleepingComputer found that the Hive ransomware gang had prepared on July 26 a non-public entry for the Empress EMS data leak.
The ransomware gang has removed the associated entry from their website, but we were able to verify that Hive published the data after checking historical dark web data from cyber-intelligence firm KELA. Empress informed the U.S. Department of Health and Human Services that the number of individuals affected by this incident is 318,55.
News URL
Related news
- Texas State Bar warns of data breach after INC ransomware claims attack (source)
- Food giant WK Kellogg discloses data breach linked to Clop ransomware (source)
- Marks & Spencer breach linked to Scattered Spider ransomware attack (source)
- PowerSchool previously hacked in August, months before data breach (source)
- Live Ransomware Demo: See How Hackers Breach Networks and Demand a Ransom (source)
- Ransomware gang creates tool to automate VPN brute-force attacks (source)
- SANS Institute Warns of Novel Cloud-Native Ransomware Attacks (source)
- ⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More (source)
- BlackLock ransomware claims nearly 50 attacks in two months (source)
- Western Alliance Bank notifies 21,899 customers of data breach (source)