ESO Solutions has begun notifying 2.7 million individuals that their personal and health information has been compromised in a ransomware attack. The incident occurred on September 28 and forced the company to take systems offline to contain it. ESO Solutions is a data and software provider for emergency responders, hospitals, and state and federal agencies. The attackers accessed and encrypted some of its internal systems, that were safely restored using backups.
Their investigation showed the ransomware group may have accessed personal data through the attack. One of the compromised systems contained patient information, including phone numbers, addresses and names, along with other protected health information. There has not been any ransomware group taking credit fo the attack, however, ESO Solutions said it took reasonable steps to prevent the data from being further published or distributed, indicating that a group did take credit. ESO began mailing out letters to the 2.7 million impacted people on December 12.