Strauss Borrelli PLLC, a leading data breach law firm, is investigating ESHA, Inc. regarding its recent data breach. The ESHA data breach may have involved sensitive personal identifiable information and protected health information belonging to an undetermined number of individuals.
ABOUT ESHA, INC.:
ESHA is a revenue cycle management company based in Fort Worth, Texas, that provides services to healthcare providers. 1 Some of the providers that utilize ESHA’s services include Aamir Zuberi, M.D. P.A., Acton Medical Clinic, Adil M Choudhary, M.D., P.A., Apex Wound Care, Benecia Williams, D.O., Farrukh Bhatti, Dr. Lan Le, Hanane Chichane, MD PA, ID Experts, PLLC, iMedicine & Primary Care Associates PLLC, Imran Patel, Johnna Jones, D.O., FACOS PA, Khalid Bazir, M.D., Lung & Sleep Specialists of North Texas, Medical Associates of North Texas, Meria Aulds, M.D., P.A., North Texas Lung & Sleep Clinic PA, The Lung Consultants LLC, Trinity Heritage, PLLC, Valor Interventional Pain LLC, Hayden Smith, Omar Selod, Austen Watkins, Gastroenterology Center PA, TCIDA Pharmacy, Texas Center Infectious Disease Association, and Premier Gastroenterology of Texas.
WHAT HAPPENED?
Recently, ESHA reported to the Attorney General of New Hampshire that it had experienced a data breach in which sensitive personal identifiable information and protected health information in its systems may have been accessed. According to the breach notice, on July 19, 2024, ESHA became aware of a data security incident impacting its network. In a press release, ESHA disclosed that the data breach was a ransomware incident. As a result, ESHA launched an investigation to determine the nature of the incident.
Through its investigation, ESHA discovered that the sensitive personal information of current, former, or prospective residents and/or staff members of its customers may have been compromised by an unauthorized third party between July 13 and July 17, 2024.2 As a result, ESHA began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. The exact type of personal information potentially exposed has not been made publicly available by ESHA. However, according to state reporting guidelines, “personal information” can include the following types of information:
- Name
- Social Security number
- Driver’s license or other government identification number
- Account number, credit or debit card number, in combination with any required security code, access code, or password that would permit access to an individual’s financial account
On November 15, 2024, ESHA began mailing data breach notification letters to impacted individuals. Based on the breach notice sent to New Hampshire residents, ESHA is providing affected individuals with a list of the specific types of sensitive information impacted and complementary credit monitoring services. A link to the form breach notification letters that ESHA filed with the Attorney General of New Hampshire is below
If you received a breach notification letter from ESHA, Inc.:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
