Muskogee City County Enhanced 911 Trust Authority (MCC911), based in Oklahoma, recently experienced a major data breach involving the protected health information of up to 180,000 individuals. The breach was detected on July 25, 2024, when unusual activity within its network indicated a ransomware attack. Upon discovering the unauthorized access, MCC911 acted swiftly to contain the breach and prevent further unauthorized access. The organization engaged cybersecurity professionals to investigate the incident, determine how the attack occurred, and assess the scope of the breach.
The investigation revealed that the ransomware attack had compromised parts of MCC911’s network between April 4, 2024, and July 31, 2024. During this period, sensitive data related to individuals who had received emergency medical services in Muskogee County between January 2011 and April 2023 may have been exfiltrated. The compromised information included personal details such as names, addresses, dates of birth, Social Security numbers, medical diagnoses and treatments, hospital provider names, and health insurance information. The data exposure varied depending on the individual affected.
While MCC911 has found no evidence of misuse of the exposed data, the organization has urged impacted individuals to monitor their accounts and health insurance statements for any suspicious activity. In response to the breach, MCC911 has taken several proactive steps to bolster its cybersecurity defenses. These measures include the introduction of new endpoint detection and monitoring tools, the updating of its firewall, and the implementation of geolocation restrictions to limit access to the network.
MCC911 has also reconfigured its resources to provide additional layers of protection to its systems. These cybersecurity improvements are part of the organization’s ongoing commitment to safeguarding sensitive data and preventing similar incidents in the future. The breach has underscored the increasing vulnerability of public-sector organizations to sophisticated ransomware attacks and highlighted the importance of investing in robust cybersecurity measures.
Reference:
