NorthStar Hit with Data Security Incident

NorthStar Emergency Medical Services has learned of a data security incident that may have impacted data belonging to certain current and former patients. 

On September 16, 2022, NorthStar discovered unusual activity in its digital environment. Upon discovering this activity, it immediately took steps to secure the environment and engaged independent cybersecurity experts to conduct an investigation. As a result of the investigation, NorthStar learned that an unauthorized actor accessed certain data stored on its network. NorthStar then undertook an in-depth and time-consuming review of the data in order to determine whether any personal or protected health information was affected by the incident. On March 8, 2023, as a result of this review, NorthStar determined that information belonging to certain individuals may have been impacted by the incident. 

While NorthStar has no evidence that any information potentially involved in this incident has been misused, out of an abundance of caution, NorthStar is informing affected individuals about the steps they can take to help protect their information. The potentially affected information may include individuals' names, Social Security numbers, dates of birth, patient ID number, treatment information, Medicare/Medicaid number and/or health insurance information. On March 14, 2023, NorthStar provided written notification of the incident via US mail to impacted individuals. 

NorthStar has taken steps in response to this incident and has made alterations to its cyber environment to help prevent similar incidents from occurring in the future. NorthStar has also reported the incident to law enforcement.