Major US healthcare data provider hit by data breach – over 5 million patients affected, here’s what we know

Episource confirms cyberattack with patient data stolen
The theft happened in late January 2025, and includes policy and MedicAid information
Customers are urged to remain vigilant

American healthcare data giant Episource has confirmed suffering a cyberattack in which it lost sensitive data on more than five million people.

In a data breach notification published on the company’s website, it said the intrusion was spotted on February 6, 2025, and after shutting down the IT network, bringing in third-party forensics experts, and notifying law enforcement, the company learned the miscreants took “copies of some data” between January 27 and February 6, 2025.

The data includes health plans/policies, insurance companies, member/group ID numbers, and Medicaid-Medicare-government payor ID numbers. It also includes health data such as medical record numbers, doctors, diagnoses, medicines, test results, images, care, and treatment, as well as other personal data such as dates of birth or Social Security numbers (SSN).

Increasing credibility

Cybercriminals often target healthcare organizations for their data, since it can be abused in phishing, identity theft, and other forms of scams.

Crooks can use the data to craft personalized, convincing emails, which can trick the victims into downloading malware or sharing login credentials.

At the same time, Episource filed a new report with the US Department of Health and Human Services Office for Civil Rights’ breach portal, confirming exactly 5,418,866 people were affected by this attack.

The company began notifying them on April 23, 2025, it was said. It did not state which providers it’s notifying, but stressed that not everyone was impacted by the attack.

Episource is a healthcare data and technology company that helps health plans manage risk adjustment, quality measurement, and clinical data through analytics, coding, and technology solutions.

It is urging impacted individuals to stay vigilant, and watch out for potential impersonation and scam attempts.

Via BleepingComputer

More from TechRadar Pro

https://cdn.mos.cms.futurecdn.net/XztdngjRmFS6xK2nNWp7Nm.jpg

Source link

Quordle hints and answers for Saturday, April 4 (game #1531)

NYT Connections hints and answers for Saturday, April 4 (game #1028)

NYT Strands hints and answers for Saturday, April 4 (game #762)

Dell packs full desktop performance into a palm-sized device that’s powered entirely through a single USB-C connection

Ex-Israeli Intelligence Official: Shockwaves of Trump’s “Take Over Gaza” Heard, Felt Across Region

What UK political parties are promising in the 2019 general election

Otto Warmbier’s parents want North Korea to suffer for their son’s death

Could a ‘youthquake’ cause Boris Johnson to lose the general election?

‘Spaceballs’ Sequel Gets April 2027 Release Date

Joseph Duggar, Wife Kendra Duggar Reunite After Arrests

Celebrities at Women’s Final Four

Season 2 of Netflix’s Best Action Thriller Is Officially Out, and It’s the Perfect Weekend Binge

Vietnam Q1 GDP growth slows to 7.83% y/y from 8.46% y/y in Q4

Form 13D/A The New Germany Fund For: 3 April

Turtle Cameron, Spyre Therapeutics CEO, sells $739k in shares

Fold Holdings CEO Reeves sells $6.9k in shares

The YouTuber who has become one of Gen Z’s most beloved celebrities

26 last-minute holiday gifts that are still thoughtful and unique

Practicing gratitude regularly can make you less stressed and sleep better

8 things millennials wish you would just stop getting them for the holidays

Major US healthcare data provider hit by data breach – over 5 million patients affected, here’s what we know

Vietnam Q1 GDP growth slows to 7.83% y/y from 8.46% y/y in Q4

‘Spaceballs’ Sequel Gets April 2027 Release Date

Form 13D/A The New Germany Fund For: 3 April

Joseph Duggar, Wife Kendra Duggar Reunite After Arrests