Ascension Providence
Your Personal Info Could Be
Exposed Online After
This Hospital Breach
Breach Description
Ascension Providence, a healthcare provider in Waco, Texas, experienced a data breach due to a cyberattack on one of its contractors, ESO Solutions. The ransomware attack occurred in September and was discovered on September 28 when ESO Solutions found that an unauthorized third party had accessed and encrypted some of its computer systems. ESO Solutions, a data and software company that provides services to healthcare facilities, immediately shut down the affected systems and secured the network[1][2].
The breach potentially exposed personal and medical information of patients, including names, Social Security numbers, dates of birth, addresses, medical record or account numbers, treatment-related information such as injury and diagnosis information, procedure types, insurance, and payer information. Ascension Providence stated that their own systems were not directly affected by the attack[1].
ESO Solutions began notifying potentially affected patients and offered support services such as credit and identity theft monitoring. Patients who did not receive a notification letter were not affected by the network attack[1]. The breach impacted various hospitals and healthcare systems across the country, including Ascension Providence Hospital in Waco[2].
In response to the incident, ESO Solutions hired third-party cybersecurity specialists to investigate and confirmed that an unauthorized party accessed parts of its computer system, including files containing confidential patient information. Notification letters were sent out to affected individuals starting December 12, 2023[2].
Ascension Providence has taken steps to address the breach, including reviewing processes for vendor-hosted websites, shutting down affected sites, and creating new ones hosted by Ascension. They also provided complimentary credit and identity theft protection services to those with sensitive information affected and recommended that patients and clients review credit and identity theft protection measures[10].
Citations:
- https://wacotrib.com/news/local/crime-courts/ascension-providence-warns-cyberattack-on-contractor-may-have-compromised-patient-info/article_ed316c88-99e9-11ee-9d13-2360d7b7a642.html
- https://www.jdsupra.com/legalnews/eso-solutions-data-breach-update-eso-6676886/
- https://www.kxan.com/news/local/austin/austin-police-association-files-petition-asking-court-to-intervene-on-police-oversight-lawsuit/
- https://www.beckershospitalreview.com/cybersecurity/18-000-ascension-patients-caught-in-data-breach.html
- https://company.wizards.com/en
- https://www.jdsupra.com/legalnews/ascension-announces-data-breach-4335354/
- https://www.diviresorts.com/divi-village-golf-beach-resort.htm
- https://www.fox44news.com/news/local-news/mclennan-county/ascension-providence-raising-awareness-of-data-breach/
- https://www.ticketsatwork.com/tickets/
- https://wacotrib.com/news/local/ascension-providence-reports-website-breach-from-march/article_cbed4d50-0702-11ee-b004-3b2932cba3e3.html
- https://skillbridge.osd.mil/locations.htm
- https://www.hipaajournal.com/eso-solutions-data-breach/
- https://www.hap.org
- https://medriva.com/health/healthcare/ascension-health-in-legal-dispute-over-care-for-poor-patients-a-closer-look-at-healthcare-access-in-texas/
- https://www.michigan.gov/lara/bureau-list/bpl/cert-lic
- https://www.legalserviceslink.com/articles/viewArticle/ascension-data-breach-compromised-social-security-numbers-and-insurance-information/
- https://integrisok.com