ESO Solutions Data Breach Impacts Providers and Patients
Shub & Johns LLC is currently investigating ESO Solutions (“ESO”) for an apparent failure to safeguard sensitive patient and other healthcare network information in a data breach that was detected on or around on or around September 28, 2023. ESO, a Texas-based software company catering to medical facilities and healthcare networks for data solutions, discovered an unauthorized party had encrypted portions of ESO’s computer network, possibly allowing this unknown agent access to confidential patient information. Although the breach was detected in September 2023, the company did not publicly announce the breach until December 19, 2023.
ESO began sending notice letters to affected individuals whose information could have been impacted by the breach. Healthcare providers impacted by the breach reportedly include:
- Ascension Providence Hospital in Waco
- Mississippi Baptist Medical Center
- CaroMont Health
- Merit Health Biloxi
- Merit Health River Oaks
- ESO EMS Agency
- Forrest General Hospital
- Alaska Regional Hospital
- Memorial Hospital at Gulfport
- Providence Kodiak Island Medical Center
- Providence Alaska Medical Center
- Tallahassee Memorial
- Manatee Memorial Hospital
- Desert View Hospital
It is currently unclear how many individuals have been impacted by the breach. Information potentially affected by the data breach can included patients’ names, Social Security numbers, dates of birth, injury type, injury date, treatment type, and treatment date. It is still unclear what other information, if any, was impacted.
The cybercriminals responsible for the breach may have already obtained and sold the compromised patient information. In previous data breaches, victims of data theft have noticed identity theft attempts ranging from fraudulent charges on bank accounts or credit cards, medical and/or government services ordered in their name, or their information being posted on the dark web.