Comstar, LLC

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Comstar, LLC Data Breach Overview

Comstar, LLC, an ambulance billing service based in Massachusetts, experienced a significant data breach that was first discovered on March 26, 2022. The breach led to the exposure of sensitive personal identifiable information and protected health information belonging to a large number of individuals.

Details of the Breach

The breach involved unauthorized access to Comstar’s network servers, which contained a variety of personal information. The types of data potentially accessed included:

  • Names

  • Social Security numbers

  • Medical assessments and medication administration
  • Health insurance information
  • Driver’s licenses
  • Financial account information[1][3][5][7][11].

Legal Actions and Notifications

Following the discovery of the breach, Comstar faced legal actions, including class action lawsuits filed by affected individuals. The plaintiffs accused Comstar of negligence and unjust enrichment, alleging that the company failed to protect its networks from hackers and delayed notifying customers about the breach. The lawsuits seek damages, fees, costs, and a jury trial[1][3].

Comstar began notifying individuals potentially impacted by the breach on May 23, 2022. The company has offered complimentary identity monitoring services through Equifax Credit Watch Gold to those affected[7][11].

Impact and Response

The breach reportedly affected over 565,000 individuals, with around 68,957 of those being residents of Massachusetts[2][7]. Comstar has been criticized for its handling of the breach, including the delay in notifying affected individuals and the lack of detailed information provided about the incident[3][9].

Recommendations for Affected Individuals

For those affected by the Comstar data breach, it is recommended to:

  • Review the breach notice and retain a copy.

  • Enroll in the free credit monitoring service provided by Comstar.

  • Change passwords and security questions for online accounts.
  • Regularly review account statements and monitor credit reports for signs of fraud or unauthorized activity.
  • Contact a credit bureau to request a temporary fraud alert[7].

Broader Context

The Comstar data breach is part of a larger trend of cyberattacks targeting healthcare institutions, which often hold sensitive patient information. These institutions are among the most targeted due to the valuable nature of the data they possess[2].

Conclusion

The Comstar data breach has had significant repercussions for the individuals whose data was compromised, as well as for the company itself. Legal actions are ongoing, and the incident serves as a reminder of the importance of robust cybersecurity measures, especially for companies handling sensitive personal and health information.

Citations:

  1. https://topclassactions.com/lawsuit-settlements/privacy/data-breach/comstar-ambulance-billing-service-hit-with-class-action-over-data-breach/
  2. https://www.wwlp.com/news/crime/the-biggest-health-care-data-breaches-you-should-know-about-in-massachusetts/
  3. https://www.classaction.org/news/ambulance-billing-company-comstar-hit-with-class-action-over-2022-data-breach
  4. https://www.golocalprov.com/news/providence-residents-who-used-city-rescue-told-their-data-possibly-breached
  5. https://www.prnewswire.com/news-releases/comstar-llc-provides-notice-of-data-breach-301567976.html
  6. https://whav.net/2023/04/03/lawrence-general-hospital-reports-breach-of-protected-health-information-at-computer-server/
  7. https://www.turkestrauss.com/2022/06/06/comstar-ambulance-billing-service-data-breach-investigation/
  8. https://theclassactionnews.com/investigation/comstar-ambulance-data-breach/
  9. https://www.wilmingtonma.gov/home/news/comstar-ambulance-billing-security-breach
  10. https://apps.web.maine.gov/online/aeviewer/ME/40/399a5fb3-46b5-46f4-87a7-38a54e2059fc.shtml
  11. https://www.legalscoops.com/comstar-ambulance-billing-service-cyber-attack-and-data-breach/
Breach Submission Date May 26, 2022
Converted Entity Name Comstar, LLC
Converted Entity Type Business Associate
State MA
Individuals Affected 68,957
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes