Tarrant County Ambulance Provider Faces Data Breach
Table of Contents
- By Steven
- Dec 27, 2022
During this day and age, all hospitals are fair game. What we wouldn’t think about are things like an ambulance provider. However, it does make sense. A service like MedStar Mobile Healthcare has access to the credentials of hundreds, if not thousands, of EMTs and paramedics. A hacker might decide to take and sell these instead of taking a ten-day course on becoming an EMT and getting on-the-job experience. Luckily, in a way, the breach involved none of the paramedics’ information. The hacker only accessed the PHI (personal health information) of those MedStar served. This is still dangerous, but there is now less risk of the hack involving non-victims, as the hacker won’t be running around with a fraudulent paramedic’s license.
How Did the Attack Occur?
The attack was the result of what appears to be a system hack. An unauthorized party accessed a restricted system in the company’s database in October 2022, accessing the PHI of an undisclosed number of individuals.
What Information Was Viewed or Stolen?
The hacker accessed a good amount of information; for most victims, this only included non-financial billing information. Some, however, had their names, birthdays, certain care-related information, and contact information involved. This does put victims at heightened risk for certain things, but the lack of social security numbers and financial involvement means that what the hacker can do with their information is limited. This is especially true if the “information related to medical care” doesn’t include insurance details.
How Did MedStar Admit to the Breach?
MedStar sent a breach notice to the California State Attorney General’s Office. The notice held information on the breach, such as what happened, what information was involved, and what MedStar was doing. “We have security measures in place that allow us to take prompt action against attempted intrusions into our network,” said the notification. “Those measures were implemented here and reduced the scope of the third party’s activity. We also hired third-party experts to help us investigate the extent of the incident, and we are further securing our systems to protect the information we maintain.” This same note was sent to each victim, ensuring they were aware of the data breach.
What Will Become of the Stolen Information?
The hacker will most likely sell the stolen information. It seems simple and cliche, but depending on the detailed information, there isn’t much the hacker can do with it. They can, however, package the details nicely and make it look good for potential buyers who won’t be sure of exactly what they’re getting.
What Should Affected Parties Do in the Aftermath of the Breach?
We recommend taking MedStar up on its offer of free credit monitoring. As one of the top credit bureaus in the world, Experian will be better equipped to handle your situation than nearly anyone else and will help you in any way it can. We also recommend monitoring your emails and text messages for scams and phishing attempts, as this will help to keep you safer in the long run.