.jpg?1745330025#)
Medical Categorical Ambulance Inc. (MedEx) just lately skilled a knowledge breach which will have allowed unauthorized entry to affected person well being info and worker private info. Right now, MedEx has not obtained any stories of associated misuse of health info because the date of the Incident.
On March 18, 2024, MedEx skilled a community disruption that impacted the performance and entry of sure programs. Upon discovery of this incident, MedEx instantly disconnected all entry to the community and promptly engaged a specialised third-party cybersecurity agency and IT personnel to help with securing the setting, in addition to, to conduct a complete forensic investigation to find out the character and scope of the incident. The forensic investigation decided that non-public info could have been acquired by the risk actor.
Based mostly on these findings, MedEx determined to proceed with an evaluation of the compromised knowledge for any potential delicate private info (PII) or protected well being info (PHI). MedEx engaged a third-party vendor to assessment the data that was compromised. The info mining course of took a while given the complexities of the categories and quantity of the information analyzed, requiring a number of phases of automated and handbook assessment. On March 3, 2025, MedEx engaged a third-party discover vendor to help with the mailings, name middle, and supply identification theft safety providers for these whose delicate info was impacted. Thereafter, MedEx labored to confirm the affected person info and addresses for mailing. On March 19, 2025, MedEx finalized the listing of people to inform.
The knowledge affected diverse for every impacted particular person. Based mostly on the investigation, the next info associated to probably impacted people could have been topic to unauthorized entry: Title; date of start; demographic info, Social Safety quantity, driver’s license quantity; state identification quantity; medical info; monetary info; medical insurance info; username and password; and for some, passport info. Please observe that the data above varies for every probably impacted particular person.
