Air medical transport and travel security membership program, Medjet and MedjetAssist (Medjet) based in Birmingham, AL has reported a breach involving the installation of malware on its network by a threat actor. The malware attack was discovered on October 17, 2023 because systems were not accessible. On December 5, 2024, the forensic investigation results revealed that the attacker potentially stole files from the system during the attack.
The investigation tried to find out which files were copied from its network. That process was finalized on or about May 10, 2024. The compromised data included names, Social Security numbers, and addresses. Medjet also mentioned that it did not receive any report of actual or attempted client data misuse during the mailing of notifications.
Notification letters began to be dispatched on January 5, 2024; nevertheless, with the progress of the investigation, it was discovered that other data was potentially impacted and more breach notifications were sent on June 3, 2024. Medjet sent a notification to the Maine Attorney General indicating that 14,400 clients’ data was compromised, including 9 residents of Maine. The impacted people were provided a year of credit monitoring and identity theft protection services by Kroll. Although a complex password system and multifactor authentication were in place before the attack, attackers still managed to bypass the security. Medjet will keep on reviewing its cybersecurity procedures to find ways to reinforce security.
Medjet was established in 1991 and currently manages over 250 air ambulances from 50 dispatch centers scattered on all continents of the world except Antarctica.
Lawyers from ClassAction.org are investigating the Medjet data breach to determine if a class action lawsuit can be filed against Medjet. They are seeking individuals who got a breach notice saying they were affected. According to a notice presented to the Texas attorney general’s office, protected health information such as government-issued ID numbers, driver’s license numbers, medical data, medical insurance data, and financial data (e.g., financial account number, credit or debit card number) might have also been impacted.
