Cyber Incident Victim: Stark Summit Ambulance
Date:
May 2020
Location:
United States of America
Summary
Stark Summit Ambulance experienced a data breach involving unauthorized access to multiple employee email accounts, compromising sensitive personal and protected health information of patients and employees. The exposed data included names combined with Social Security numbers, financial account details, medical diagnoses, treatment histories, insurance information, and prescription records. Following an investigation, the organization reset all affected account passwords and established a dedicated call center to address inquiries. The incident was reported to law enforcement authorities, including the FBI, with whom the firm is cooperating in the ongoing investigation.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Stark Summit Ambulance, an Ohio-based emergency medical services provider, detected unusual activity in one employee email account on May 28, 2020, initiating an investigation into a potential data security incident. Over the following months, the organization identified additional compromised employee email accounts, ultimately confirming unauthorized access to six accounts by late July 2020. The investigation revealed these accounts contained sensitive personal and protected health information belonging to both patients and employees. The compromised data included first names or initials combined with last names alongside at least one identifier from multiple categories: government-issued identification numbers (Social Security numbers, driver's licenses, state IDs, or passport numbers), financial account details (checking/savings accounts, credit/debit card numbers with PINs), and extensive medical information (diagnoses, treatments, treatment locations, clinical data, provider names, dates of service, medical history, insurance details including Medicare/Medicaid numbers, payment information, and prescription data). The full scope of impacted individuals was not quantified in available reporting, but the breach potentially exposed highly sensitive combinations of identifiers that could facilitate identity theft, financial fraud, and unauthorized disclosure of medical conditions.
Upon concluding their investigation in late July, Stark Summit Ambulance implemented password resets across all affected accounts to contain further unauthorized access. The organization formally notified affected individuals on September 4, 2020, approximately three months after initial detection and one month after completing their investigation. A dedicated toll-free call center was established to address inquiries, operating Monday through Friday from 9:00 AM to 9:00 PM Eastern Time at 833-901-0918. Stark Summit Ambulance reported the incident to the Federal Bureau of Investigation (FBI) and publicly confirmed their cooperation with the ensuing law enforcement investigation. The breach exposed multiple categories of high-sensitivity data that could enable various forms of misuse, though specific details regarding the attack vector, perpetrator identity, or total number of affected individuals were not disclosed in available sources.