Customers of a New York-based ambulance service, Empress EMS, have had their information exposed in an apparent data breach. Threat actors initially gained access to Empress’s systems in May 2022. They then exfiltrated data and deployed encryption in July. Empress made no mention of the group that was responsible for the attack. However, analysts at BleepingComputer were able to attribute the incident to the Hive ransomware gang. The group has removed the Empress EMS entry from their site, but analysts have verified that it was published at some point. Some of the information that was accessed included patient names, dates of service, insurance information, and Social Security numbers. The total number of affected individuals is thought to be nearly 319,000, but that number may be higher. The U.S. Department of Health and Human Services has been notified of the incident, and Empress is offering free credit monitoring services for those that are impacted.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in