Notice of Data Security
Incident
This notice provides information regarding a recent cybersecurity incident that involved certain individuals’ personal information and protected health information. ESO Solutions, Inc. (“ESO”) provides software services that help hospitals and healthcare systems improve operations, quality, and patient outcomes. Bravera Health Brooksville and Spring Hill Hospitals (“Hospitals”) contracted with ESO to provide trauma registry services, so ESO had relating to a limited number of individuals who had received injury or emergency care from the Hospitals . ESO takes the security of information seriously and is providing notice and resources so impacted individuals can protect themselves.
On September 28, 2023, ESO detected and stopped a sophisticated ransomware incident, in which an unauthorized third party accessed and encrypted some of ESO’s computer systems. ESO immediately took the affected systems offline, secured the network environment, and engaged third-party forensic specialists to assist with investigating the extent of any unauthorized activity.
On October 23, 2023, ESO determined that the unauthorized third party may have acquired some personal data during this incident. Please know that ESO has taken all reasonable steps to prevent the impacted data from being further published or distributed, and ESO notified and is working with law enforcement to investigate.
The impacted data varied by individual, but may have included names, phone numbers, addresses, and some sensitive personal information and/or protected health information including, in some limited cases, social security numbers. ESO is mailing letters to affected individuals and posting notice on its website. As of the date of this notice, ESO is unaware of any misuse of the involved information, but as a precaution, ESO is offering complimentary credit monitoring and identity theft protection services to individuals whose Personal Identifiable Information (PII) may have been impacted. Each individual notification letter includes a list of specific data elements impacted as well as resources that individuals may use to protect themselves.
ESO sincerely regrets this incident and any inconvenience it may have caused. For more information on this incident, individuals may call the help line at (866) 347-8525. Representatives are available to assist between the hours of 9:00 a.m. to 6:30 p.m. Eastern Time, Monday through Friday, excluding holidays. Individuals also may visit ESO’s website at https://www.eso.com/notice-of-cybersecurity-incident/.
Published: December 15, 2023
_________________