ESO Solutions has started notifying 2.7 million individuals that their personal and health information was compromised in a ransomware attack.
Security Week reports:
The incident occurred on September 28 and forced the company, a data and software provider for emergency responders, hospitals, and state and federal agencies, to take systems offline to contain it.
The attackers, the company says in an incident notice on its website, accessed and encrypted some of its internal systems, which it was able to safely restore using backups.
“Our investigation determined that the unauthorized third party may have acquired your personal data during this incident. Please know that we have taken all reasonable steps to prevent the data from being further published or distributed, and have notified and are working with federal law enforcement to investigate,” the incident notice reads.
One of the compromised systems, ESO Solutions says, contained patient information, including names, addresses, phone numbers, and other sensitive personal information and protected health information.
Read more at Security Week.