Cyber Incident Victim: Emergence Health Network

On August 18, 2015, Emergence Health Network (EHN), the mental health authority for El Paso County, Texas, detected suspicious activity on one of its internet-connected computer servers. A subsequent investigation revealed unauthorized external access to the server, with forensic analysis indicating the initial compromise potentially dated back to 2012. The breached server contained protected health information of individuals who had received services from EHN or its predecessor organizations (El Paso MHMR and Life Management Center). Exposed data included full names, addresses, dates of birth, Social Security numbers, case numbers, and records confirming patients' use of mental health services. EHN confirmed through a third-party audit that no medical records were stored on the affected server. The organization disabled the compromised server upon discovery to contain further unauthorized access, though the exact duration of exposure remained unclear due to the multi-year potential breach window.

EHN initiated written notifications to 11,100 affected individuals on October 8, 2015, advising them of the potential disclosure despite having no evidence of actual misuse or data exfiltration. The notification letter outlined the breach timeline, nature of exposed data, and recommended precautionary measures such as credit monitoring. EHN established a dedicated toll-free number (844-637-6466) and email address ([email protected]) for patient inquiries. Organizational response included implementing enhanced security protocols for data transmission and storage, collaborating with state and federal agencies to mitigate potential impacts, and conducting internal reviews to prevent future incidents. The breach's scope included both active and inactive patients, though notification letters did not specify the exact timeframe of affected records or provide details about the attacker's identity or motives.