- An unauthorized third-party gained access to Emcare employees’ email accounts which contained personal information of certain patients, employees, and contractors.
- The exposed personal information includes names, dates of birth, clinical information, Social Security numbers, and driver’s license numbers.
What is the issue - EmCare suffered a data breach compromising personal information of almost 60,000 people, including patients, employees, and contractors.
What happened - An unauthorized third-party gained access to Emcare employee’s email accounts which contained personal information of certain patients, employees, and contractors.
What was exposed - The exposed personal information includes names, dates of birth, clinical information, Social Security numbers, and driver’s license numbers.
What was the immediate action taken?
- Upon learning the incident, EmCare conducted a comprehensive investigation.
- The Healthcare firm has hired a leading forensic security firm to assist in determining the scope of the incident and those impacted.
- It has taken preventive measures such as implementing advanced technology solutions in order to prevent such incidents from happening in the future.
- It is also providing security training to all employees on email and information technology security.
- Further, Emcare has decided to offer free credit monitoring and identity protection services for those who had their Social security and driver’s license numbers compromised.
The big picture
On February 19, 2019, EmCare learned that an unauthorized third-party gained illegal access to Emcare employee’s email accounts which contained certain patients’, employees’, and contractors’ personal information.
Almost after two months, on April 19, 2019, EmCare notified the potentially impacted individuals about the data breach via an email notification. The Healthcare firm has also published a security notice on its website.
In the notification, EmCare has requested the individuals to stay vigilant and review their account statements and credit reports for suspicious activities. In case of any suspicious activity, ut has requested them to immediately report to the financial institution that maintains their account.
However, EmCare confirmed that there is no evidence that any information has been misused or that anyone will attempt to misuse the compromised information.
“EmCare is not aware of any individual who has been impacted by fraud or identity theft as a result and does not know if any personal information was actually obtained by an unauthorized party,” the security notice read.
“EmCare apologizes for any inconvenience or concern that this incident might cause. EmCare remains committed to providing patients the highest quality of care and working with healthcare partners to improve the health of communities.”