- Episource suffered a cyberattack in late January 2025
- Delicate knowledge on 5.4 million individuals was taken
- The corporate is now notifying affected people
American healthcare knowledge large Episource has begun notifying its prospects a couple of February 2025 knowledge breach wherein their delicate data was stolen.
Episource is a healthcare knowledge and know-how firm that helps well being plans handle danger adjustment, high quality measurement, and scientific knowledge by way of analytics, coding, and know-how options.
On February 6, 2025, the corporate noticed a risk actor breaching its defenses and accessing delicate recordsdata it had saved on its units. After shutting down the IT community, bringing in third-party forensics specialists, and notifying legislation enforcement, the corporate decided that the attackers took “copies of some knowledge” between January 27 and February 6, 2025.
You might like
Personally identifiable knowledge
The info included well being plans/insurance policies, insurance coverage corporations, member/group ID numbers, and Medicaid-Medicare-government payor ID numbers.
It additionally included well being knowledge similar to medical report numbers, docs, diagnoses, medicines, check outcomes, photos, care, and remedy, in addition to different private knowledge similar to dates of start or Social Safety numbers (SSN).
In a separate report, filed within the meantime with the US Division of Well being and Human Companies Workplace for Civil Rights, Episource confirmed that precisely 5,418,866 individuals had been affected by the assault.
Earlier stories additionally said the corporate began notifying them on April 23, 2025, though these had been unconfirmed stories.
Cybercriminals usually goal healthcare organizations for his or her knowledge, since it may be abused in phishing, id theft, and different types of scams.
Crooks can use the info to craft personalised, convincing emails, which might trick the victims into downloading malware or sharing login credentials. That’s the reason Episource is now urging impacted people to remain vigilant, and be careful for potential impersonation and rip-off makes an attempt.
By way of TechCrunch
