New York ambulance service breach reveals 300,000 user data

Empress EMS (Emergency Medical Services), a New York-based emergency response and ambulance service provider has confirmed a ransomware attack that exposed customer information.

The incident was reported to the U.S. Department of Health and Human Services. Although the Empress EMS report said 318,558 people were affected, there are fears that more people could be affected.

An investigation of the incident revealed that the intruder had gained access to Empress EMS systems on 26 May 2022. On 13 July, the day before the encryption, the hackers infiltrated “a small subset of files.”

“Some of these files contained patient names, dates of service, insurance information and, in some instances, Social Security numbers,” the company said in the statement.

The company said it had increased the security of its system and protocols to prevent similar incidents in the future.

According to the notification from Empress EMS, those who have not received a letter but can confirm that they have used Empress EMS’s services should contact the company to obtain credit monitoring services by 9 October 2022.

The sources for this piece include an article in BleepingComputer.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web