ESHA Notifies Over 76k People of Recent Data Breach | Console and Associates, P.C.

On November 15, 2024, ESHA, Inc. filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering that information that had been provided to the company was subject to unauthorized access. As a result of the ESHA data breach, an unauthorized party was able to access consumers’ sensitive information. Upon completing its investigation, ESHA began sending out data breach notification letters to the 76,922 individuals whose information was affected by the recent data security incident.

If you received a data breach notification from ESHA, Inc., it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the ESHA data breach. For more information, please see our recent piece on the topic here.

What Caused the ESHA Data Breach?

The ESHA data breach was only recently announced, and more information is expected in the near future. However, it does not appear as though ESHA has issued a press release or posted a website notice discussing the breach, and the company’s filing with the U.S. Department of Health and Human Services Office for Civil Rights provides only limited important information on what led up to the breach. Thus, information on what led up to the ESHA data breach is very limited.

However, according to the available information, the ESHA data breach involved a “Hacking / IT Incident” of a network server that contained confidential information belonging to certain individuals. While ESHA reported the breach to the U.S. Department of Health and Human Services Office for Civil Rights, that doesn’t necessarily mean that ESHA’s IT network was breached; it could be that ESHA is reporting a third-party data breach that occurred at one of its vendors.

Regardless, after learning that sensitive data was accessible to an unauthorized party, ESHA reviewed the compromised files to determine what information was leaked and which consumers were impacted. ESHA recently completed this process, and on November 15, 2024, the company sent out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.

More Information About ESHA, Inc.

Founded in 1989, ESHA, Inc. is a distributor of printing and imaging hardware based out of Brunswick, New Jersey. ESHA also distributes Audio/Visual equipment and provides information technology (“IT”) services. ESHA’s IT division provides strategic advisory services, cybersecurity services, and talent acquisition services. ESHA employs more than 70 people and generates approximately $8 million in annual revenue.