Ascension Providence

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Ascension Providence, a healthcare provider in Waco, Texas, experienced a data breach due to a cyberattack on one of its contractors, ESO Solutions. The ransomware attack occurred in September and was discovered on September 28 when ESO Solutions found that an unauthorized third party had accessed and encrypted some of its computer systems. ESO Solutions, a data and software company that provides services to healthcare facilities, immediately shut down the affected systems and secured the network[1][2].

The breach potentially exposed personal and medical information of patients, including names, Social Security numbers, dates of birth, addresses, medical record or account numbers, treatment-related information such as injury and diagnosis information, procedure types, insurance, and payer information. Ascension Providence stated that their own systems were not directly affected by the attack[1].

ESO Solutions began notifying potentially affected patients and offered support services such as credit and identity theft monitoring. Patients who did not receive a notification letter were not affected by the network attack[1]. The breach impacted various hospitals and healthcare systems across the country, including Ascension Providence Hospital in Waco[2].

In response to the incident, ESO Solutions hired third-party cybersecurity specialists to investigate and confirmed that an unauthorized party accessed parts of its computer system, including files containing confidential patient information. Notification letters were sent out to affected individuals starting December 12, 2023[2].

Ascension Providence has taken steps to address the breach, including reviewing processes for vendor-hosted websites, shutting down affected sites, and creating new ones hosted by Ascension. They also provided complimentary credit and identity theft protection services to those with sensitive information affected and recommended that patients and clients review credit and identity theft protection measures[10].

Citations:

  1. https://wacotrib.com/news/local/crime-courts/ascension-providence-warns-cyberattack-on-contractor-may-have-compromised-patient-info/article_ed316c88-99e9-11ee-9d13-2360d7b7a642.html
  2. https://www.jdsupra.com/legalnews/eso-solutions-data-breach-update-eso-6676886/
  3. https://www.kxan.com/news/local/austin/austin-police-association-files-petition-asking-court-to-intervene-on-police-oversight-lawsuit/
  4. https://www.beckershospitalreview.com/cybersecurity/18-000-ascension-patients-caught-in-data-breach.html
  5. https://company.wizards.com/en
  6. https://www.jdsupra.com/legalnews/ascension-announces-data-breach-4335354/
  7. https://www.diviresorts.com/divi-village-golf-beach-resort.htm
  8. https://www.fox44news.com/news/local-news/mclennan-county/ascension-providence-raising-awareness-of-data-breach/
  9. https://www.ticketsatwork.com/tickets/
  10. https://wacotrib.com/news/local/ascension-providence-reports-website-breach-from-march/article_cbed4d50-0702-11ee-b004-3b2932cba3e3.html
  11. https://skillbridge.osd.mil/locations.htm
  12. https://www.hipaajournal.com/eso-solutions-data-breach/
  13. https://www.hap.org
  14. https://medriva.com/health/healthcare/ascension-health-in-legal-dispute-over-care-for-poor-patients-a-closer-look-at-healthcare-access-in-texas/
  15. https://www.michigan.gov/lara/bureau-list/bpl/cert-lic
  16. https://www.legalserviceslink.com/articles/viewArticle/ascension-data-breach-compromised-social-security-numbers-and-insurance-information/
  17. https://integrisok.com
Breach Submission Date Jun 06, 2023
Converted Entity Name Ascension Providence
Converted Entity Type Healthcare Provider
State TX
Individuals Affected 1,415
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes