More than 5 million affected by data breach at healthcare tech firm Episource

Avatar

A tech firm providing services to the healthcare industry said hackers stole information on millions of people in an incident discovered in early February.

Documents filed with the U.S. Department of Health and Human Services Department show that 5,418,866 people had information taken from Episource. 

California-based Episource disclosed in filings with the U.S. Department of Health and Human Services that more than 5.4 million people had their information taken, and said in a notice on its website that hackers had copied files from their system between January 27 and February 6.

The data stolen includes:

Social Security numbersHealth insurance ID numbersMedicaid-Medicare ID numbersMedical records covering doctor, diagnoses, test results, images, care and treatment

Law enforcement was involved in the investigation and the company said it was forced to turn off its computer system in order to protect customers and their patients. The company did not respond to requests for comment. 

Episource says it provides medical coding and risk adjustment services to doctors, health plans and health companies.

Victims of the data breach either received services from one of the doctors or were members of a health plan that uses Episource’s tools. 

The company said it is working with its customers to help them coordinate providing the notice to everyone affected. 

Episource urged victims to watch their benefit statements in case they are ever charged for services they did not receive. The company set up a call line for victims with questions. 

Some customers of Episource published their own breach notices, including Sharp Healthcare

Episource previously dealt with a data breach in 2023 that leaked much of the same information for an unknown number of people.

Episource was founded in 2006 and acquired in 2023 by Optum — a healthcare giant owned by UnitedHealth that was itself at the center of a large cybersecurity incident last year. Optum itself was forced to take some of its systems offline last February after a ransomware attack on its subsidiary Change Healthcare

That attack ended up leaking the sensitive healthcare information of 190 million people.

CybercrimeNewsNews Briefs
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 

Total
0
Shares
Previous Post

New Malware Campaign Uses Cloudflare Tunnels to Deliver RATs via Phishing Chains

Next Post

New Linux Flaws Enable Full Root Access via PAM and Udisks Across Major Distributions

Related Posts

Russian APT29 Exploits Gmail App Passwords to Bypass 2FA in Targeted Phishing Campaign

Threat actors with suspected ties to Russia have been observed taking advantage of a Google account feature called application specific passwords (or app passwords) as part of a novel social engineering tactic designed to gain access to victims' emails. Details of the highly targeted campaign were disclosed by Google Threat Intelligence Group (GTIG) and the Citizen Lab, stating the activity
Avatar
Read More

Playbook: Transforming Your Cybersecurity Practice Into An MRR Machine

Introduction The cybersecurity landscape is evolving rapidly, and so are the cyber needs of organizations worldwide. While businesses face mounting pressure from regulators, insurers, and rising threats, many still treat cybersecurity as an afterthought. As a result, providers may struggle to move beyond tactical services like one-off assessments or compliance checklists, and demonstrate
Avatar
Read More