Healthcare Tech Firm Episource Reports Data Breach Affecting Over 5 Million People
A California-based technology firm providing services to the healthcare industry has reported a significant data breach. Hackers stole information on more than 5.4 million people in an incident discovered in early February. According to documents filed with the U.S. Department of Health and Human Services, 5,418,866 individuals had their information compromised.
Episource disclosed that hackers copied files from their system between January 27 and February 6. The stolen data includes sensitive information such as Social Security numbers, health insurance ID numbers, Medicaid-Medicare ID numbers, and comprehensive medical records covering doctor information, diagnoses, test results, images, care, and treatment details.
The company was forced to shut down its computer system to protect its customers and their patients after discovering the breach. Law enforcement was involved in the investigation. Episource provides medical coding and risk adjustment services to doctors, health plans, and healthcare companies. Those affected by the breach either received services from one of the doctors using Episource’s tools or were members of a health plan that utilized their services.
Episource is working closely with its customers to help them notify all affected individuals. The company has set up a call line for victims with questions and has urged them to monitor their benefit statements for any unauthorized charges. Some of Episource’s customers, such as Sharp Healthcare, have published their own breach notices.
This incident marks the second data breach for Episource in recent years. The company experienced a similar breach in 2023, which leaked comparable information for an unknown number of individuals. Episource, founded in 2006, was acquired by Optum, a healthcare giant owned by UnitedHealth, in 2023. Notably, Optum faced a significant cybersecurity incident last year when its subsidiary, Change Healthcare, was hit by a ransomware attack, resulting in the leak of sensitive healthcare information for 190 million people.
The frequency and scale of these incidents highlight the growing concern over cybersecurity in the healthcare technology sector. As data breaches continue to pose significant risks to sensitive personal information, companies like Episource are under increasing pressure to enhance their security measures and protect their clients’ data effectively.
