Connect with us

Hi, what are you looking for?


Data Protection

Healthcare Firm EmCare Says 60,000 Employees and Patients Exposed in Breach

Dallas, Texas-based firm EmCare Inc disclosed on Saturday that a number of employees’ email accounts had been accessed, potentially exposing personal information of almost 60,000 people, including 31,000 patients.

Dallas, Texas-based firm EmCare Inc disclosed on Saturday that a number of employees’ email accounts had been accessed, potentially exposing personal information of almost 60,000 people, including 31,000 patients.

EmCare, part of Envision Healthcare, provides outsourced physician services to hospitals around the U.S. It has more than 700 practices at locations ranging from major hospitals and health systems to rural hospitals and ambulatory care centers.

In an incident notice statement published on its website on Saturday, April 20, 2019, EmCare said that it had discovered on February 19 that a third-party had gained unauthorized access to certain employees’ email accounts. It said that these accounts “contained some patients’, employees’ and contractors’ personal information, including name, date of birth or age, and for some patients, clinical information. In addition, in some instances, Social Security and driverís license numbers were impacted.”

The statement does not say how many accounts were accessed, nor how many people’s personal information was contained within them. It later told Bloomberg that it may be almost 60,000 people, and that 31,000 were patients. There is no indication of how the unauthorized access was achieved.

The statement attempts to minimize the impact of the breach. EmCare has no evidence that any personal information has been misused, or that anyone will attempt to misuse the information. It is not aware of any person who has been impacted by fraud or identity theft because of the incident; and doesn’t even know if any personal information was actually obtained by the intruder.

However, if the company cannot say that data was taken, it equally cannot say that it wasn’t taken. And similarly, while no victims of fraud are currently known does not mean that fraudsters will not attempt to misuse any stolen data in the future.

What is perhaps a little surprising is that although the incident was discovered onFebruary 19, it wasn’t until April 19 that the company began to send “written notification to all potentially impacted individuals for whom it has contact information.” For those employees and patients whose social security number or driving license number were impacted, EmCare has arranged a credit monitoring account with Experian’s IdentityWorks.

Advertisement. Scroll to continue reading.

Equally surprising, and a little disturbing, is that EmCare’s policy allows its employees to keep patients’ ‘clinical information’ unencrypted within their email accounts.

Related: Managed Healthcare Provider Humana Discloses Data Breach 

Related: Why Healthcare Security Matters 

Related: These Were the Top Threats Targeting Healthcare Firms in Q4 2016 

Related: Healthcare Was Most Attacked Industry in 2015: IBM 

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...


The three primary drivers for cyber regulations are voter privacy, the economy, and national security – with the complication that the first is often...

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.