MedStar Health and DocGo Reveal Data Breaches

Written by

Two US healthcare providers have announced serious cybersecurity incidents in which patient information was accessed.

DocGo provides mobile medical services and transportation in 26 US states and the UK. The firm revealed in an SEC filing yesterday that it “recently” identified unauthorized activity on its network.

“As part of its investigation, the company has determined that the threat actor accessed and acquired data, including certain protected health information, from a limited number of healthcare records within the company’s US-based ambulance transportation business, and that no other business lines have been involved,” it said in the Form 8-K filing on Tuesday.

The firm didn’t disclose how many patients may have been affected by the breach, but claimed the incident had been promptly contained, an investigation launched alongside third-party security experts and law enforcement/impacted individuals notified.

“To date, the cybersecurity incident has not had a material impact on the company’s operations, and the company currently does not expect that the cybersecurity incident will have a material impact on its overall financial condition or on its ongoing results of operations,” it concluded.

Read more on healthcare breaches: 11 Million Patients Impacted in Healthcare Data Breach

Separately, Maryland-headquartered not-for-profit MedStar Health revealed in a filing to the US Department of Health and Human Services Office for Civil Rights that it was breached last week.

Over 183,000 individuals were impacted by the incident, which occurred last year.

“We discovered that an outside party had accessed emails and files associated with three MedStar Health employee email accounts. The unauthorized access occurred intermittently between January 25, 2023 and October 18, 2023,” it explained in a breach notice.

“On March 6, 2024, after conducting a forensic analysis of the unauthorized access, we determined that patient information was included in the emails and files that were accessed. While we have no reason to believe that patient information was actually acquired or viewed, we cannot rule out such access.”

Among the patient information likely to have been accessed were names, mailing addresses, dates of birth, dates of service, provider names and/or health insurance information.

In the wake of the incident, MedStar Health said it had enhanced existing “physical, technical, and administrative controls” with additional “safeguards and security measures.”

“We apologize for any concern or inconvenience this may cause. Patients whose information may have been involved are encouraged to review statements they receive related to their healthcare,” it added.

“If they identify anything unusual related to the healthcare services or the charges for services, they should contact the healthcare entity or health insurer immediately.”

Image credit: JHVEPhoto /

What’s hot on Infosecurity Magazine?