[BreachExchange] Miss. ambulance service reports ransomware data breach

Destry Winant destry at riskbasedsecurity.com
Wed Oct 7 10:29:32 EDT 2020


https://www.ems1.com/cybersecurity/articles/miss-ambulance-service-reports-ransomware-data-breach-sloioSsCzjrLFJy0/

HATTIESBURG, Miss. — A Mississippi ambulance service has reported a
data breach involving an attempted ransomware attack that occurred in
July.

AAA Ambulance Service said in a statement that the breach occurred on
July 1, 2020, and that on Aug. 26, following a thorough investigation,
it was determined that some individuals' personal information had been
accessed or taken from AAA's systems.

Data involved in the breach included individuals' first and last names
combined with one or more of the following pieces of information: date
of birth, social security number, driver's license number, financial
account number, diagnosis information, medical treatment information,
patient account number, prescription information, medical record
number and/or health insurance information.

"It is important to note ... that there is no evidence to suggest that
any personally identifiable information or personal health information
has been actually misused," the AAA statement read.

The company stated that immediate action was taken after the attempted
ransomware attack was detected in July, including actions to prevent
data from becoming encrypted and inaccessible to AAA, further secure
AAA's data-storing systems and launch an investigation that included
consultation with third-party forensic experts.

Individuals whose data was leaked in the breach were notified and
offered complimentary credit monitoring services, according to AAA.
The company established a toll-free call center to answer questions
about the incident.

"The privacy and protection of private information is a top priority
for AAA. We deeply regret any inconvenience or concern this incident
may cause," the statement read.


More information about the BreachExchange mailing list