ESO Solutions, a key software provider for healthcare and emergency services, was the victim of a ransomware attack. This cyberattack led to unauthorized data access and encryption of various company systems. The breach exposed a variety of personal information, depending on what patients had shared with their healthcare providers using ESO’s software. Compromised data includes: Full names Birth dates Phone numbers Patient account and medical record numbers Injury, diagnosis, treatment, and procedure details Social Security Numbers. It was confirmed that this breach affected data belonging to patients associated with ESO’s client hospitals and clinics in the U.S. To help mitigate risks, ESO is offering a year of identity monitoring services through Kroll to all notified individuals.

ESO Solutions, Inc. suffered a ransomware attack on September 28, 2023, leading to the potential exposure of personal and protected health information (PHI). The breach was formally reported to the California Office of the Attorney General on December 20, 2023. Compromised data may include highly sensitive details such as names, Social Security numbers, and medical treatment records, though the exact number of affected individuals remains undisclosed. The incident poses severe risks, including identity theft, financial fraud, and unauthorized access to medical histories, which could have long-term repercussions for victims. Given the nature of the exposed data—particularly health information—the breach carries significant legal, reputational, and operational consequences for the company, potentially triggering regulatory penalties under HIPAA and other data protection laws. The use of ransomware further escalates the threat, as attackers may demand payment while retaining or exploiting the stolen data.