On December 18, 2023, ESO Solutions, Inc. filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights, confirming that hackers were able to access the company’s IT network through a ransomware attack. In this notice, ESO explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, phone numbers, addresses, sensitive personal information and protected health information. Upon completing its investigation, ESO began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.

If you receive a data breach notification from ESO Solutions, Inc., it is essential you understand what is at risk and what you can do about it. Keep in mind that you may also receive a letter from your healthcare provider, as ESO performs certain services for healthcare entities (which is also why you may not have heard of the company before). A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the ESO Solutions data breach. For more information, please see our recent piece on the topic here.

What Caused the ESO Solutions Data Breach?

The ESO Solutions data breach was only recently announced, and more information is expected in the near future. However, ESO’s filing with the U.S. Department of Health and Human Services Office for Civil Rights provides some important information on what led up to the breach. The company also posted a website notice discussing the incident.

According to these sources, on September 28, 2023, ESO detected and stopped a ransomware attack. While ESO was able to terminate unauthorized access, ESO hired third-party data cybersecurity specialists to help ESO investigate the incident and determine what, if any, patient data was leaked as a result. ESO also cooperated with the federal law enforcement investigation.

On October 23, 2023, through its investigation, ESO was able to confirm that an unauthorized party had gained access to parts of its IT network, including files containing confidential patient information.

After learning that sensitive patient data was accessible to an unauthorized party, ESO Solutions reviewed the compromised files to determine what information was leaked and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, phone number, address, sensitive personal information and protected health information. While ESO’s website notice doesn’t specifically mention that Social Security numbers were leaked, some of the company’s healthcare clients received letters from ESO indicating their SSNs were compromised.

On December 18, 2023, ESO Solutions sent out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.

More Information About ESO Solutions, Inc.

Founded in 2004, ESO Solutions, Inc. is a data and software company headquartered in Austin, Texas. ESO provides software services designed to help hospitals and healthcare systems, including private EMS agencies, fire departments, and state EMS offices, improve operations, quality of care, and patient outcomes. ESO Solutions employs more than 500 people and generates approximately $227 million in annual revenue.