EMS Management and Consultants Inc. Reports MOVEit Data Breach Compromising Info Belonging to 223,598 | Console and Associates, P.C.
On August 9, 2023, EMS Management and Consultants Inc. (“EMS|MC”) filed a notice of data breach with the Attorney General of Maine after discovering that a vulnerability in the MOVEit file transfer system used by EMS|MC allowed an unauthorized party to access consumer information. In this notice, EMS|MC explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their name, date of transport, Social Security number, date of birth, financial account information, encounter/transport number, billing codes and other patient information. Upon completing its investigation, EMS|MC began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.
If you received a data breach notification from EMS Management and Consultants Inc., it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft as well as discuss your legal options following the MOVEit / EMS Management and Consultants data breach. For more information, please see our recent piece on the topic here.
What Caused the Data Breach Affecting EMS Management and Consultants?
The EMS Management and Consultants MOVEit data breach was only recently announced, and more information is expected in the near future. However, EMS|MC’s filing with the Attorney General of Maine provides some important information on what led up to the breach. According to this source, EMS|MC provides medical billing services to emergency medical service providers. To allow EMS|MC to complete these services, medical providers give EMS|MC information related to services provided to certain individuals.
EMS|MC uses a file-transfer software called MOVEit. On May 31, 2023, and again in June 2023, Progress Software, the developer of MOVEit, announced that MOVEit had been compromised.
In response to learning about the MOVEit issue, EMS|MC installed all available patches and then launched an investigation into the incident. The EMS|MC investigation confirmed that an unauthorized party accessed the company’s MOVEit server on May 29, 2023 and removed certain files containing confidential information.
After learning that sensitive consumer data was accessible to an unauthorized party, EMS Management and Consultants reviewed the compromised files to determine what information was leaked and which consumers were impacted. EMS|MC completed this process on July 12, 2023. While the breached information varies depending on the individual, it may include your name, date of transport, Social Security number, date of birth, financial account information, encounter/transport number, billing codes and other patient information.
On August 9, 2023, EMS Management and Consultants sent out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.
More Information About EMS Management and Consultants Inc.
EMS Management and Consultants Inc. is a billing service provider based in Lewisville, North Carolina. EMS|MC exclusively serves emergency medical services providers in the United States. Currently, EMS|MS serves approximately 240 healthcare clients in 24 states. EMS Management and Consultants employs more than 141 people and generates approximately $20 million in annual revenue.