A data breach at US ambulance billing service Comstar has potentially exposed sensitive information belonging to medical patients.
The healthcare security incident was discovered on March 26, when Comstar noticed “suspicious activity” related to some servers within its environment.
As a result, information belonging to “certain individuals” was accessed, including names, dates of birth, information regarding medical assessment and medication administration, health insurance information, drivers’ licenses, financial account information, and Social Security numbers.
In a data breach notification issued yesterday (June 14), Comstar said it “immediately took steps to secure our network, and launched a thorough investigation, with the assistance of third-party experts, to determine the nature and scope of the incident”.
The company continued: “On April 21, 2022, the investigation determined that certain systems on Comstar’s network were subject to unauthorized access. However, the investigation was unable to confirm what specific information on those systems was accessed.
“As such, Comstar reviewed the contents of those systems to determine what information was contained therein and to whom it related for purposes of notification.”
Credit monitoring
Comstar has not yet released any information on the number of potentially impacted individuals, however anyone thought to be affected can access free credit monitoring services.
The Daily Swig has reached out to Comstar for more information.
Source: https://portswigger.net/daily-swig/data-breach-at-us-ambulance-billing-service-comstar-exposed-patients-healthcare-information