5.4 million patient records exposed in healthcare data breach
Over the past decade, software companies have built solutions for nearly every industry, including healthcare. One term you might be familiar with is software as a service (SaaS), a model by which software is accessed online through a subscription rather than installed on individual machines.
In healthcare, SaaS providers are now a common part of the ecosystem. But, recently, many of them have made headlines for the wrong reasons.
Several data breaches have been traced back to vulnerabilities at these third-party service providers. The latest incident comes from one such firm, which has now confirmed that hackers stole the health information of over 5 million people in the United States during a cyberattack in January.
Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you'll get instant access to my Ultimate Scam Survival Guide — free when you join.
Episource, a big name in healthcare data analytics and coding services, has confirmed a major cybersecurity incident (via Bleeping Computer). The breach involved sensitive health information belonging to over 5 million people in the United States. The company first noticed suspicious system activity Feb. 6, 2025, but the actual compromise began ten days earlier.
An internal investigation revealed that hackers accessed and copied private data between Jan. 27 and Feb. 6. The company insists that no financial information was taken, but the stolen records do include names, contact details, Social Security numbers, Medicaid IDs and full medical histories.
Episource claims there's no evidence the information has been misused, but because they haven't seen the fallout yet doesn't mean it isn't happening. Once data like this is out, it spreads fast, and the consequences don't wait for official confirmation.
The healthcare industry has embraced cloud-based services to improve efficiency, scale operations and reduce overhead. Companies like Episource enable healthcare payers to manage coding and risk adjustment at a much larger scale. But this shift has also introduced new risks. When third-party vendors handle patient data, the security of that data becomes dependent on their infrastructure.
Healthcare data is among the most valuable types of personal information for hackers. Unlike payment card data, which can be changed quickly, medical and identity records are long-term assets on the dark web. These breaches can lead to insurance fraud, identity theft and even blackmail.
Episource is not alone in facing this kind of attack. In the past few years, several healthcare SaaS providers have faced breaches, including Accellion and Blackbaud. These incidents have affected millions of patients and have led to class-action lawsuits and stricter government scrutiny.
If your information was part of the healthcare breach or any similar one, it's worth taking a few steps to protect yourself.
1. Consider identity theft protection services: Since the healthcare data breach exposed personal and financial information, it's crucial to stay proactive against identity theft. Identity theft protection services offer continuous monitoring of your credit reports, Social Security number and even the dark web to detect if your information is being misused.
These services send you real-time alerts about suspicious activity, such as new credit inquiries or attempts to open accounts in your name, helping you act quickly before serious damage occurs. Beyond monitoring, many identity theft protection companies provide dedicated recovery specialists who assist you in resolving fraud issues, disputing unauthorized charges and restoring your identity if it's compromised. See my tips and best picks on how to protect yourself from identity theft.
2. Use personal data removal services: The healthcare data breach leaks loads of information about you, and all this could end up in the public domain, which essentially gives anyone an opportunity to scam you.
One proactive step is to consider personal data removal services, which specialize in continuously monitoring and removing your information from various online databases and websites. While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Check out my top picks for data removal services here.
Get a free scan to find out if your personal information is already out on the web.
3. Have strong antivirus software: Hackers have people's email addresses and full names, which makes it easy for them to send you a phishing link that installs malware and steals all your data. These messages are socially engineered to catch them, and catching them is nearly impossible if you're not careful. However, you're not without defenses.
The best way to safeguard yourself from malicious links is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.
4. Enable two-factor authentication: While passwords weren't part of the data breach, you still need to enable two-factor authentication (2FA). It gives you an extra layer of security on all your important accounts, including email, banking and social media. 2FA requires you to provide a second piece of information, such as a code sent to your phone, in addition to your password when logging in. This makes it significantly harder for hackers to access your accounts, even if they have your password. Enabling 2FA can greatly reduce the risk of unauthorized access and protect your sensitive data.
5. Be wary of mailbox communications: Bad actors may also try to scam you through snail mail. The data leak gives them access to your address. They may impersonate people or brands you know and use themes that require urgent attention, such as missed deliveries, account suspensions and security alerts.
What makes this breach especially alarming is that many of the affected patients may have never even heard of Episource. As a business-to-business vendor, Episource operates in the background, working with insurers and healthcare providers, not with patients directly. The people affected were customers of those companies, yet it's their most sensitive data now at risk because of a third party they never chose or trusted. This kind of indirect relationship muddies the waters when it comes to responsibility and makes it even harder to demand transparency or hold anyone accountable.
Do you think healthcare companies are investing enough in their cybersecurity infrastructure? Let us know by writing us at Cyberguy.com/Contact
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter
Follow Kurt on his social channels
Answers to the most asked CyberGuy questions:
New from Kurt:
Copyright 2025 CyberGuy.com. All rights reserved.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Forbes
31 minutes ago
- Forbes
Can Agentic AI Bring The Pope Or The Queen Back To Life — And Rewrite History?
Can Agentic AI Bring the Pope or the Queen Back to Life — and Rewrite History? Elon Musk recently sparked global debate by claiming AI could soon be powerful enough to rewrite history. He stated on X (formerly Twitter) that his AI platform, Grok, could 'rewrite the entire corpus of human knowledge, adding missing information and deleting errors.' This bold claim arrives alongside a recent groundbreaking announcement from Google: the launch of Google Veo3 AI Video Generator, a state-of-the-art AI video generation model capable of producing cinematic-quality videos from text and images. Part of the Google Gemini ecosystem, Google Veo3 AI generates lifelike videos complete with synchronized audio, dynamic camera movements, and coherent multi-scene narratives. Its intuitive editing tools, combined with accessibility through platforms like Google Gemini, Flow, Vids, and Vertex AI, open new frontiers for filmmakers, marketers, educators, and game designers alike. At the same time, industry leaders — including OpenAI, Anthropic, Microsoft Copilot, and Mistral (Claude) — are racing to build more sophisticated agentic AI systems. Unlike traditional reactive AI tools, these agents are designed to reason, plan, and orchestrate autonomous actions based on goals, feedback, and long-term context. This evolution marks a shift toward AI systems that function much like a skilled executive assistant — and beyond. The Promise: Immortalizing Legacy Through Agentic AI Together, these advances raise a fascinating question: What if agentic AI could bring historical figures like the Pope or the Queen back to life digitally? Could it even reshape our understanding of history itself? Imagine an AI trained on decades — or even a century — of video footage, writings, audio recordings, and public appearances by iconic figures such as Pope Francis or Queen Elizabeth II. Using agentic AI, we could create realistic, interactive digital avatars capable of offering insights, delivering messages, or simulating how these individuals might respond to today's complex issues based on their documented philosophies and behaviors. This application could benefit millions. For example, Catholic followers might seek guidance and blessings from a digital Pope, educators could build immersive historical simulations, and advisors to the British royal family could analyze past decision-making styles. After all, as the saying goes, 'history repeats itself,' and access to nuanced, context-rich perspectives from the past could illuminate our present. The Risk: The Dangerous Flip Side — Rewriting Truth Itself However, the same technologies that can immortalize could also distort and manipulate reality. If agentic AI can reconstruct the past, what prevents it — or malicious actors — from rewriting it? Autonomous agents that control which stories are amplified or suppressed online pose a serious threat. We risk a future where deepfakes, synthetic media, and AI-generated propaganda blur the line between fact and fiction. Already, misinformation campaigns and fake news challenge our ability to discern truth. Agentic AI could exponentially magnify these problems, making it harder than ever to distinguish between genuine history and fabricated narratives. Imagine a world where search engines no longer provide objective facts, but the version of history shaped by governments, corporations, or AI systems themselves. This could lead to widespread confusion, social polarization, and a fundamental erosion of trust in information. Ethics, Regulation, and Responsible Innovation The advent of agentic AI demands not only excitement but also ethical foresight and regulatory vigilance. Programming AI agents to operate autonomously requires walking a fine line between innovation and manipulation. Transparency in training data, explainability in AI decisions, and strict regulation of how agents interact are essential safeguards. The critical question is not just 'Can we?' but 'Should we?' Policymakers, developers, and industry leaders must collaborate to establish global standards and oversight mechanisms that ensure AI technologies serve the public good. Just as financial markets and pharmaceuticals drugs are regulated to protect society, so too must the AI agents shaping our future be subject to robust guardrails. As the old adage goes: 'Technology is neither good nor bad. It's how we use it that makes all the difference.' Navigating the Future of Agentic AI and Historical Data The convergence of generative video models like Google Veo3, visionary leaders like Elon Musk, and the rapid rise of agentic AI paints a complex and compelling picture. Yes, we may soon see lifelike digital recreations of the Pope or the Queen delivering messages, advising future generations, and influencing public discourse. But whether these advancements become tools of enlightenment or distortion depends entirely on how we govern, regulate, and ethically deploy these technologies today. The future of agentic AI — especially when it touches our history and culture — must be navigated with care, responsibility, and a commitment to truth.
Yahoo
an hour ago
- Yahoo
Experts Urge Caution as Study Links This Popular Drink to 2x the Risk of Diabetes
Experts Urge Caution as Study Links This Popular Drink to 2x the Risk of Diabetes originally appeared on Parade. There's nothing quite like a crisp diet soda on a hot day. It's cool, bubbly and somehow so refreshing. Add some lime and you've got a summertime treat. You can even make a dirty soda by adding a little cream. Yum! But a new study is shining light on diet soda's health effects, and they might not be as harmless as they seem. A new study has found that consuming artificially sweetened beverages, which are commonly marketed as the 'healthier' alternative to sugary drinks, could significantly increase your risk of developing type 2 diabetes. Researchers collected data on more than 4,654 adults in the 30-year-long Coronary Artery Risk Development in Young Adults (CARDIA) study. They assessed the diets of participants at the start of the study, then again after seven and 20 years. 🎬 SIGN UP for Parade's Daily newsletter to get the latest pop culture news & celebrity interviews delivered right to your inbox 🎬 Researchers discovered that individuals who consumed the highest amounts of artificially sweetened drinks, like diet sodas or sugar-free flavored waters, were more than twice as likely to develop type 2 diabetes than those who rarely drank them. That's a 129% increase in risk, raising serious questions about what we're really sipping on when we go 'sugar-free.'The study adds fuel to the growing debate around artificial sweeteners. Long considered a safer option for those watching their weight or blood sugar, these sugar substitutes may interfere with insulin sensitivity and disrupt gut health, which are two key factors in developing diabetes. While the beverages contain few or no calories, their long-term metabolic effects may not be so benign. Of course, sugary drinks aren't off the hook either. Regular sodas, sweetened teas and energy drinks remain one of the most well-documented contributors to rising diabetes and obesity rates worldwide. Even 100% fruit juices, which many perceive as healthy, can elevate blood sugar when consumed in excess. This new study challenges the widely accepted belief that diet drinks are a safe swap. And while more research is needed to pinpoint exactly how artificial sweeteners may influence insulin response, the evidence so far suggests that moderation—and even reconsideration—is warranted. So, what should you drink instead? Nutrition experts continue to recommend simple, no-frills hydration. Water remains the gold standard, but unsweetened tea and black coffee are also considered safe and beneficial for most people. Infused waters with fruit or herbs can offer a flavorful twist without the potential downsides of sugar or artificial sweeteners. I'm a daily Coke Zero drinker, but after this study, I may be willing to make a change. I do love iced tea!Experts Urge Caution as Study Links This Popular Drink to 2x the Risk of Diabetes first appeared on Parade on Jun 27, 2025 This story was originally reported by Parade on Jun 27, 2025, where it first appeared.
Yahoo
an hour ago
- Yahoo
AbbVie's Elahere Market Expected to Skyrocket to $6B by 2034 in Ovarian Cancer Treatment
AbbVie Inc. (NYSE:ABBV) is one of the undervalued S&P 500 stocks to buy according to hedge funds. On June 25, the 'Elahere Market Opportunities and Strategies to 2034' report was added to offering. It stated that the global market for Elahere, which is a treatment primarily for ovarian cancer, is anticipated to experience rapid growth and is projected to surge from nearly $502.56 million in 2024 to $6.07 billion by 2034 at a CAGR of 28.68% from 2029. AbbVie, through its acquisition of ImmunoGen, is currently the sole and dominant player in the Elahere market, holding a 100% market share in 2023. AbbVie completed its acquisition of ImmunoGen on February 12 in 2024, in a deal that was valued at ~$10.1 billion. The acquisition was made to support AbbVie's oncology pipeline, particularly with Elahere. A pharmacist handing out a pharmaceutical drug to a patient in a drug store or chemist. Elahere is indicated for ovarian neoplasms, which constituted the largest segment by clinical indication and accounted for 85.44% or $429.38 million of the market in 2024. This segment is expected to remain the fastest-growing with a CAGR of 29.67% during the 2024-2029 period. North America was the largest regional market for Elahere in 2024, and accounted for 97.09% of the total, or $487.92 million. AbbVie Inc. (NYSE:ABBV) is a research-based biopharmaceutical company that researches, develops, manufactures, commercializes, and sells medicines and therapies worldwide. While we acknowledge the potential of ABBV as an investment, we believe certain AI stocks offer greater upside potential and carry less downside risk. If you're looking for an extremely undervalued AI stock that also stands to benefit significantly from Trump-era tariffs and the onshoring trend, see our free report on the . READ NEXT: and . Disclosure: None. This article is originally published at Insider Monkey. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
