DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Lee County Emergency Medical Services notifies past customers of third-party security breach

Posted on August 15, 2022 by Dissent

Cape Coral Breeze reports:

Lee County Emergency Medical Services reports that on Aug. 4 staff received notification of a customer data breach related to a previous third-party vendor responsible for ambulance billing services.

Lee County EMS conducted business with a company called Intermedix Corporation for nearly 15 years, ending its vendor contract in September 2014. Intermedix hired a law firm called Smith, Gambrell & Russell (SGR); the firm was in possession of the data when the breach occurred.

Read more at Cape Coral Breeze.

Lee County’s notice, posted on their website on August 11, reads:

Lee County Emergency Medical Services notifies past customers of third-party security breach

Fort Myers, FL, Aug. 11, 2022 – Lee County Emergency Medical Services reports that on Aug.4 staff received notification of a customer data breach related to a previous third-party vendor responsible for ambulance billing services.

Lee County EMS conducted business with a company called Intermedix Corporation for nearly 15 years, ending its vendor contract in September 2014. Intermedix hired a law firm called Smith, Gambrell & Russell (SGR); the firm was in possession of the data when the breach occurred.

Of all the records the firm handled, less than 2% of the total may have been compromised. At this time, there is no indication that any of the information was misused and the notice is being provided out of an abundance of caution, according to SGR.

The county immediately worked with Intermedix and SGR to assist their efforts to notify those who are potentially impacted, as required by federal law. Impacted individuals should receive a letter in the mail within the next 14 to 21 days.

The county is sharing this with media for transparency and to assist Lee County residents who may be receiving notification in the mail.

Lee County’s EMS website has been updated to include information about the types of protected health information involved, steps that individuals should take to protect themselves, a description of the SGR/Intermedix security breach and contact information for those with questions. The website URL is
www.leegov.com/publicsafety/emergencymedicalservices. People can also call 800-939-4170.

DataBreaches does not see any information on the county’s website at this time with the types of protected health information involved, but if it was an ambulance billing services that had stored data, it would likely at least include name, address, date of service, and health insurance information — insurance information that may be out of date after 8 years.

For its  part, Smith, Gambrell & Russell posted a notification on their site that indicates that they provide services for for the Government Employees Insurance Companies. According to their incident disclosure, they first discovered a breach of their IT system and exfiltration of some files on August 9, 2021. They do not indicate when the attack actually occurred.  They are offering those affected some mitigation services through IDX and write:

Contact 1-833-423-2985 Monday through Friday, from 9 am – 9 pm Eastern Time to determine whether you were impacted and can enroll in these services.

No related posts.

Category: Business SectorHackHealth DataSubcontractorU.S.

Post navigation

← NYDFS Proposed Amendments to Its Cybersecurity Rules
Cyberattack on the Presidency of Moldova compromised servers →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Hunters International to provide free decryptors for all victims as they shut down (1)
  • SEC and SolarWinds Seek Settlement in Securities Fraud Case
  • Cyberattacks Disrupt Iran’s Bread Distribution, Payments Remain Frozen
  • Hacker with ‘political agenda’ stole data from Columbia, university says
  • Keymous+ Hacker Group Claims Responsibility for Over 700 Global DDoS Attacks
  • Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones
  • DOJ investigates ex-ransomware negotiator over extortion kickbacks
  • Hackers Using PDFs to Impersonate Microsoft, DocuSign, and More in Callback Phishing Campaigns
  • One in Five Law Firms Hit by Cyberattacks Over Past 12 Months
  • U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Record-Breaking $1.55M CCPA Settlement Against Health Information Website Publisher
  • Ninth Circuit Reviews Website Tracking Class Actions and the Reach of California’s Privacy Law
  • US healthcare offshoring: Navigating patient data privacy laws and regulations
  • Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones
  • Google Trackers: What You Can Actually Escape And What You Can’t
  • Oregon Amends Its Comprehensive Privacy Statute
  • Wisconsin Supreme Court’s Liberal Majority Strikes Down 176-Year-Old Abortion Ban

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.