Cyber Incident Victim: EMI Health

EMI Health detected unusual network activity on August 10, 2021, prompting immediate measures to secure their systems. A subsequent forensic investigation revealed unauthorized access to their network between July 29, 2021, and August 10, 2021, during which an attacker deployed malware and acquired copies of documents containing member information. By August 23, 2021, EMI Health confirmed the compromised documents included sensitive data but had not yet finalized the review to identify specific affected individuals. The exposed information potentially included names, Social Security numbers, driver’s license numbers, addresses, dates of birth, health insurance identification numbers, and clinical details such as diagnosis and treatment information. The organization explicitly stated members’ full financial account numbers were not believed to be compromised in the incident.

EMI Health initiated a comprehensive document review to determine which members’ data was impacted, with plans to mail individualized breach notifications upon completion. They established a dedicated call center (1-855-675-3110) operating on Mountain Time weekdays to address member inquiries. For individuals whose Social Security numbers or driver’s license numbers were confirmed exposed, EMI Health committed to providing complimentary credit monitoring and identity protection services, with enrollment details to be included in forthcoming letters. The organization implemented additional claims review protocols to detect fraudulent activity and advised members to scrutinize insurance statements for unauthorized charges, directing them to contact customer service (1-800-662-5851 or [email protected]) or healthcare providers if discrepancies arose. EMI Health attributed the breach to unauthorized network intrusion and malware deployment, responding by enhancing network monitoring tools and conducting regular system audits to prevent recurrence.