Data breach at NorthStar Emergency Paramedic Services impacts 80,000 patients

NorthStar Emergency Paramedic Services, a private ambulance service in Tuscaloosa that provides non-emergency, medically necessary ambulance transportation, announced that cyber threat actors may have accessed the records of more than 80,000 current and former patients in a cybersecurity breach that occurred on September 16, 2022.

 

NorthStar discovered that an unauthorized actor accessed certain data stored on its network, immediately secured the environment, and engaged independent cybersecurity experts to investigate.

 

After an extensive and time-consuming data review to determine whether the incident affected personal or protected health information, NorthStar determined on March 8, 2023, that the incident may have impacted information belonging to specific individuals.

 

The patients’ names, dates of birth, patient ID number, Social Security numbers, treatment information, Medicare/Medicaid number, and/or health insurance information may be affected. It has no evidence, however, that any information potentially involved in this incident was misused. NorthStar notified impacted individuals of the incident in writing via US mail and reported the incident to law enforcement.

 

The company also stated that in response to this incident, it had altered its cyber environment to prevent similar future incidents. NorthStar also established a toll-free call center to address questions and concerns about the incident.