Medical billing big Episource is notifying tens of millions of individuals throughout the USA that their private and well being info was stolen in a cyberattack earlier this 12 months.
The breach impacts greater than 5.4 million individuals, based on an inventory with the U.S. Division of Well being and Human Companies, making it one of many largest healthcare breaches of the 12 months to date.
Episource, owned by medical insurance big UnitedHealth Group’s subsidiary Optum, gives billing adjustment to the docs, hospitals, and different organizations that work within the healthcare trade. As such, the corporate handles giant quantities of sufferers’ private and medical knowledge to course of claims by way of their medical insurance.
In notices filed in California and Vermont on Friday, Episource mentioned a felony was capable of “see and take copies” of affected person and member knowledge from its methods through the weeklong breach ending February 6.
The stolen info consists of private info, corresponding to names, postal and electronic mail addresses, and cellphone numbers, in addition to protected well being knowledge, together with medical file numbers, and knowledge regarding docs, diagnoses, medicines, check outcomes, imaging, care, and different remedy. The stolen knowledge additionally accommodates medical insurance info, like well being plans, insurance policies, and member numbers.
Episource didn’t describe the character of the incident, however Sharp Healthcare, one of many corporations that works with Episource and was affected by the cyberattack, advised its prospects that the Episource hack was brought on by ransomware.
That is the newest cybersecurity incident to hit UnitedHealth in recent times.
Change Healthcare, one of many largest corporations within the U.S. healthcare trade that processes billions of well being transactions every year, was hacked by a ransomware gang in February 2024, resulting in the theft of greater than 190 million People’ private and well being info. The cyberattack was the most important healthcare knowledge breach in U.S. historical past.
A number of months later, UnitedHealth’s Optum unit left an inner chatbot utilized by workers to ask about claims uncovered to the web.
