Esse Well being, a healthcare supplier primarily based in St. Louis, Missouri, is notifying over 263,000 sufferers that their private and well being data was stolen in an April cyberattack.
As the biggest impartial physicians’ group within the Higher St. Louis space, Esse Well being operates 50 places and employs over 100 physicians.
The group was made conscious of a breach after the attackers took down some main patient-facing community techniques and its telephone techniques on April 21.
Impacted techniques have been introduced again on-line till June 2, when Esse Well being up to date a notification on its web site to tell sufferers they may once more attain out through all common channels, together with textual content messages, telephone calls, and the affected person portal.
“Primarily based on the investigation, a cybercriminal gained entry to our community on April 21, 2025. Whereas in our community, the cybercriminal was capable of view and duplicate sure information,” Esse Well being privateness officer Jaime L. Bremerkamp says in breach notification letters despatched to 263,601 affected people.
“As a part of our investigation, we performed a time-intensive evaluate of the information concerned to find out the kinds of information current and to whom it associated. This evaluate recognized that data associated to you will have been contained in these information.”
In response to a submitting with Maine’s Lawyer Common on Monday, the attackers stole a variety of delicate information for every impacted affected person, together with private data (e.g., identify, deal with, date of start), medical insurance data, medical file quantity, affected person account quantity, and a few well being data.
Esse Well being additionally said that it discovered no proof of stolen social security numbers and confirmed that its NextGen digital medical file system was not breached.
These affected are suggested to evaluate their account statements and monitor their credit score experiences for suspicious exercise that could be linked to identification theft and fraud makes an attempt. Esse Well being additionally offers them with free identification safety providers by way of data breach and restoration providers supplier IDX in the event that they enroll by September 25, 2025.
Whereas Esse Well being has but to disclose the character of the assault, restoration efforts spanning a number of months recommend a ransomware assault, the place a few of its techniques have been encrypted after the menace actors stole paperwork containing sufferers’ information. Nevertheless, no ransomware operation has claimed accountability for the breach since April.
An Esse Well being spokesperson was not instantly obtainable for remark when BleepingComputer reached out for extra particulars earlier at this time.
Whereas cloud assaults could also be rising extra refined, attackers nonetheless succeed with surprisingly easy strategies.
Drawing from Wiz’s detections throughout hundreds of organizations, this report reveals 8 key strategies utilized by cloud-fluent menace actors.
