Security Affairs
JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Esse Health data breach impacted 263,000 individuals

A cyberattack on healthcare provider Esse Health in April 2025 exposed data of 263K+ patients, including SSNs and medical info. In April 2025, Missouri-based healthcare provider Esse Health suffered a cyberattack that disrupted its systems and led to the theft of personal data from over hundreds of thousands individuals. Esse Health is an independent physician […]

Signature Healthcare

A cyberattack on healthcare provider Esse Health in April 2025 exposed data of 263K+ patients, including SSNs and medical info.

In April 2025, Missouri-based healthcare provider Esse Health suffered a cyberattack that disrupted its systems and led to the theft of personal data from over hundreds of thousands individuals.

Esse Health is an independent physician group based in the Greater St. Louis area, Missouri. Founded in 1996 through the merger of two physician-led organizations, it has grown to include over 100 doctors operating across 45–50 locations. The group offers a wide range of services, including adult and pediatric primary care, as well as specialties such as allergy, gastroenterology, radiology, and urology.

The breach, discovered on April 21, affected electronic medical records and phone systems.

“On April 21, 2025, suspicious activity was identified within the Esse Health network. We initiated an investigation with the assistance of external cybersecurity and forensic specialists. We took steps to secure our systems and notified law enforcement. Based on the investigation, a cybercriminal gained access to our network on April 21, 2025.” reads the data breach notice published by the company. “While in our network, the cybercriminal was able to view and copy certain files. As part of our investigation, we conducted a time-intensive review of the files involved to determine the types of data present and to whom it related.”

The company confirmed that stolen data included names, Social Security numbers, medical and insurance info.

According to the data breach notification shared with the Maine Attorney General’s Office, the data breach impacters 263,601 people.

The company pointed out that electronic medical record system was not accessed or copied. The organization is now notifying affected individuals by mail, following an internal investigation. Esse Health has also notified authorities.

Esse Health announced it has enhanced security measures to prevent similar incidents in the future and, though no misuse of data has been found, is offering free identity protection to affected individuals as a precaution.

“As a precaution, it is always good practice to remain vigilant against incidents of identity theft and fraud by reviewing account statements and monitoring free credit reports for suspicious activity and to detect errors.” concludes the notice. “Under federal law, you also are entitled every 12 months to one free copy of your credit report from each of the three major credit reporting companies listed below, whether or not you suspect any authorized activity on your account.”

Esse Health hasn’t provided details about the attack, but the widespread system disruption suggests a possible ransomware incident.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)