Menu
On Thursday 14th of July 2022, Empress Emergency Medical Services (EMS), emergency response and ambulance service provider based in New York suffered a ransomware attack.
An investigation into the incident revealed that the threat actor had gained access to Empress EMS’ systems on Thursday 26th of May, 2022. The threat actor stayed in their systems until Wednesday 13th of July 2022, when they exfiltrated a small selection of files before deploying ransomware.
“Some of these files contained patient names, dates of service, insurance information, and in some instances, Social Security numbers,” – Empress EMS disclosure.
Empress EMS has sent letters to affected individuals and has offered eligible individuals credit monitoring services. Empress EMS has also informed the U.S. Department of Health and Human Services that 318,558 individuals have been affected. Although there are concerns that more people might be impacted. Empress EMS has stated it has strengthened the security of its systems and protocols to prevent similar incidents from happening in the future.
Although Empress EMS has not disclosed the group responsible for the attack, it is believed that the Hive ransomware gang is responsible for the incident.
NCSC Threat Reports Feed© 2021 CyberEnsō – Nihon Cyber Defence Co., Ltd. All Rights Reserved.
