- Episource confirms cyber attack with the data of stolen patients
- The theft occurred at the end of January 2025 and includes information on policies and Medicaid.
- Customers are urged to remain vigilant
The American medical care data giant Episource has confirmed the suffering of a cyber attack in which he lost confidential data in more than five million people.
In a notification of data breach published on the company’s website, he said that the intrusion was seen on February 6, 2025, and after closing the Network of IT, bringing third -party forensic experts and notifying the police, the company learned that the funds took “copies of some data” between January 27 and February 6, 2025.
The data include health plans/policies, insurance companies, identification numbers of members/groups and identification numbers of Payor of Government of Medicaid-Medicae. It also includes health data such as medical, medical, diagnostic records, medicines, test results, images, care and treatment, as well as other personal data, such as birth dates or social security numbers (SSN).
Increased credibility
Cybercriminals are often aimed at medical care organizations for their data, since you can abuse phishing, identity theft and other forms of scams.
Crooks can use the data to create custom and convincing emails, which can fool the victims to download malware or share login credentials.
At the same time, Episource presented a new report before the Office of the Department of Health and Human Services of the United States for the Civil Rights Failure to comply with exactly 5,418,866 people affected by this attack.
The company began notifying them on April 23, 2025, it was said. He did not declare what suppliers he is notifying, but emphasized that not everyone was affected by the attack.
Episource is a medical care data and technology that helps health plans to administer risk adjustment, quality measurement and clinical data through analysis, coding and technology analysis.
It urges people impacted to stay vigilant and be careful with the possible impersonation and scam attempts.
Through Bleepingcomputer
