Data Breach at Tuscaloosa’s NorthStar Paramedic Services Could Impact 82,000 Patients
A cybersecurity breach at a private ambulance service in Tuscaloosa may have given bad actors access to the records of more than 80,000 current and former patients, NorthStar Emergency Paramedic Services announced this week.
On Tuesday, NorthStar took to its website to report the problem and mailed physical letters to patients who may have been impacted by the breach. The company said they became aware of the potential intrusion in September.
"On September 16, 2022, NorthStar discovered unusual activity in its digital environment. Upon discovering this activity, it immediately took steps to secure the environment and engaged independent cybersecurity experts to conduct an investigation," the company said. "As a result of the investigation, NorthStar learned that an unauthorized actor accessed certain data stored on its network. NorthStar then undertook an in-depth and time-consuming review of the data in order to determine whether any personal or protected health information was affected by the incident. On March 8, 2023, as a result of this review, NorthStar determined that information belonging to certain individuals may have been impacted by the incident."
The company said they have no evidence that the data which was accessed has been misused for other cybercrime or identity theft, but the potentially affected data included extremely private information including "individuals’ names, Social Security numbers, dates of birth, patient ID number, treatment information, Medicare/Medicaid number, and/or health insurance information."
Northstar said they have beefed up cybersecurity and reported the breach to appropriate law enforcement agencies. They recommended that impacted patients should take steps to protect themselves digitally, like those recommended by the Federal Trade Commission.
The company has also established a toll-free call center to answer questions about the incident, which is staffed from 8 a.m. until 8 p.m. every weekday and can be reached at 833-753-4562.
"The privacy and protection of personal and protected health information is a top priority for NorthStar, which deeply regrets any inconvenience or concern this incident may cause," they said in the statement.