Electrostim Medical Services Inc. (EMSI) is a healthcare servicer in Tampa, Florida. They create and disperse home electrical stimulation devices, brace accessories, pain management solutions, and physical rehabilitation tools. They offer a range of products, from wearable, flexible garments to electrotherapy devices for pain relief. EMSI serves over 70,000 patients and employs another 400 from the Tampa Bay area.

LoanDepot is one of the nation’s most widespread nonbank mortgage lenders, offering financial solutions and opportunities to homeowners. Based in Irvine, California, LoanDepot allows homeowners to purchase land, refinance it, and strike the best deal in equity costs. After coming into existence in 2010, their history became one of upward growth; two years later, they were licensed in all 50 states and began expansions.

Edmonds School District (ESD) is in south Snohomish County, Washington. The district involves 35 schools, including Brier, Edmonds, Lynnwood, and Woodway institutions. The faculty of these schools serve over 20,000 grade-school students, with nearly 1,300 teachers leading diverse learning environments. Almost a year ago, ESD noticed suspicious activity within their network; after an investigation, officials determined the cause was a cybersecurity event.

For over a decade, the magnetic stripe was the authentication tool behind modern-day credit cards. Magnetic stripe technology was developed in the late 1960s, but it took time before widespread use. It wasn't until 1994 that EMV technology was developed, leading to the cards with the little chips embedded in them. Europe quickly embraced the EMV chip card, but the United States and Canada have taken longer.

This week, 2024, started with destructive numbers. Transformative Healthcare was featured early on; their breach happened in February 2023 and may impact over 900k people, including patients and former FAS employees. Bunker Hill Community College announced updates to their 2023 incident, where assailants released ransomware and stole an estimated 195k records.

The North Kansas City Hospital (NKCH) is just north of the Missouri River in North Kansas City, Missouri. The hospital boasts a considerable campus with 450 beds and over 100 more physicians. They provide nearly 50 medical specialties, including cancer, oncology, cardiology, women’s, and emergency care programs. The facility has served patients in the area for over 60 years; however, their recent breach may cause patients to receive care elsewhere.

Integris Health is one of Oklahoma’s largest medical networks; they operate hospitals, clinics, and urgent care from their 24 non-profit campuses. Integris commands over 1,800 patient beds across its facilities, with nearly as many physicians. At the end of November, Integris published a notice on their website; not only had cybercriminals breached their security and accessed patient data—the criminals also began extorting their victims.

Fred Hutchinson Cancer Center (FHCC) is a three-location care network that delivers solutions for cancer patients. They are an independent organization that provides experience for the University of Washington’s Medicine programs. FHCC’s multiple locations allow for over 400 treatment trials, giving even patients with advanced diagnoses hope for the future.

Our first breach report of 2024 concerns Boston’s retired Fallon Ambulance Service (FAS). When operating, FAS was a medical transcription company serving emergency services and other affiliated companies. Transformative Healthcare (TH) oversaw FAS as a support component of their telephone services. TH absorbed FAS in December 2022 but retained patient data in compliance with their legal obligations.

Bunker Hill Community College (BHCC) serves a population of about 13,000 across two campuses and dispersed locations. BHCC offers over 100 degrees, including arts, sciences, business, health, law, and STEM opportunities. In May 2023, BHCC experienced a ransomware event—officials responded by taking their systems offline—but the threat was successful nonetheless. The assailants stole an estimated 195,588 records in their attack.