Incident comes following ransomware attack in July

Data breach at Mississippi ambulance service exposes sensitive information of patients

UPDATED A ransomware attack on a Mississippi ambulance service resulted in a data breach affecting an as yet unknown number of patients, investigators have discovered.

The security incident at AAA Ambulance Service (AAA), based in Mississippi, US, was discovered on July 1, 2020.

After taking “immediate steps” to mitigate the attack, AAA said it employed a third-party forensic team to conduct an investigation.

As part of that investigation, security experts have determined that personally identifiable information may have been access by an unknown third party.

First and last names, social security numbers, bank details, medical records information, and health insurance information are among the details that were exposed by the breach.


Read more of the latest data breach news


A statement (PDF) from AAA claims there is no evidence to suggest that any data has been “actually misused”.

The document reads: “On August 26, 2020, after thorough investigation, AAA learned that the personal information of certain individuals may have been accessed or taken during the incident.”

AAA said that in addition to notifying those affected directly, it is offering complimentary credit monitoring services.

It added: “The privacy and protection of private information is a top priority for AAA. We deeply regret any inconvenience or concern this incident may cause.”

The statement contains more information on how victims can protect themselves and their data from fraud.

Multiple cases

The incident comes after a number of breaches affecting US healthcare services via a ransomware attack on a third-party vendor.

Blackbaud, which provides fundraising software for organizations across the globe, suffered a ransomware attack in May 2020.

Since then, multiple organizations using Blackbaud software have reported data breaches.

A spokesperson for AAA confirmed to The Daily Swig that this incident was not a result of the Blackbaud incident.

This article has been updated to include clarification from AAA


YOU MAY LIKE Tennessee healthcare data breach impacts 235,000 patients