Metropolitan Area EMS Authority dba MedStar Mobile Healthcare

MedStar Mobile Healthcare Data Breach

MedStar Mobile Healthcare, also known as the Metropolitan Area EMS Authority, experienced a significant data breach that affected 612,000 individuals. The breach was the result of a hacking incident that targeted the company’s network servers.

What Happened?

On October 20, 2022, MedStar detected suspicious activity within its information network. An unauthorized actor accessed certain network systems, and it was confirmed that private data was reviewed and/or removed from MedStar’s computer systems[3]. The breach involved ransomware, and while MedStar did not pay a ransom, they were able to fully restore their systems within 48 hours[5]. The cyberattack led to disruptions in MedStar’s operations, including extended ambulance wait times as dispatchers had to revert to using radios, maps, and pen and paper[4][7].

Information Compromised

The unauthorized party gained access to consumers’ protected health information (PHI). For most victims, this included non-financial billing information, but some individuals also had their names, birthdays, care-related information, and contact information compromised[2]. The breach did not involve paramedics’ information[2].

Response and Notification

MedStar sent out data breach notification letters to all individuals whose information was compromised[1]. They also filed a notice of the data breach with the Department of Health and Human Services Office for Civil Rights[1]. MedStar has taken steps to secure its systems and data further and has offered credit monitoring services to affected individuals[2][5].

Legal and Settlement Information

Affected patients may be able to pursue a data breach class action lawsuit against MedStar if evidence shows that the company was negligent in maintaining or storing patient information[1]. MedStar has agreed to a class action lawsuit settlement to resolve claims that it failed to protect consumers from the 2022 data breach. Class members can receive up to $3,000 for out-of-pocket losses and are eligible for one year of free credit-monitoring services. MedStar also agreed to make cybersecurity changes through December 31, 2024[10].

Recommendations for Affected Individuals

If you received a notification letter from MedStar, it is recommended that you:

• Review the breach notice and retain a copy.

• Enroll in any free credit monitoring service provided by MedStar.

• Change your passwords and security questions for related online accounts.
• Review account statements and credit reports for signs of fraud or identity theft.
• Contact a credit bureau to request a temporary fraud alert[3].

Conclusion

The MedStar Mobile Healthcare data breach is a serious incident that has potentially exposed sensitive health information of hundreds of thousands of individuals. Affected parties are advised to take protective measures and may have legal recourse through the class action settlement. MedStar has taken steps to enhance its cybersecurity measures to prevent future breaches[10].

Citations:

1. https://www.jdsupra.com/legalnews/medstar-mobile-healthcare-files-notice-8635495/
2. https://www.idstrong.com/sentinel/tarrant-county-ambulance-data-breach/
3. https://colevannote.com/data-breach-medstar-mobile-healthcare/
4. https://www.cbsnews.com/texas/news/ambulance-wait-times-stretched-up-to-an-hour-after-medstar-hack/
5. https://www.bankinfosecurity.com/texas-county-ems-agency-says-ransomware-breach-affects-612k-a-20876
6. https://www.paubox.com/news/medstar-proposes-settlement-following-privacy-breach
7. https://www.ems1.com/technology/articles/cyberattack-on-texas-ems-agency-delays-response-times-for-several-days-Y3HkwJNbTnvMUPFq/
8. https://www.scmagazine.com/analysis/hive-claims-stealing-consulate-health-data-provider-reports-vendor-incident
9. https://www.hipaajournal.com/medstar-mobile-health-data-breach-settlement/
10. https://topclassactions.com/lawsuit-settlements/open-lawsuit-settlements/medstar-data-breach-class-action-settlement/
11. https://maemsdatasettlement.com
12. https://www.myinjuryattorney.com/data-breach-at-medstar-mobile-healthcare/
13. https://www.cbsnews.com/texas/news/medstar-reports-its-computer-network-was-hit-by-a-cyberattack/
14. https://stacker.com/texas/biggest-health-care-data-breaches-you-should-know-about-texas
15. https://www.thelyonfirm.com/blog/medstar-mobile-healthcare-data-breach-investigation/