Latest news with #Episource
Yahoo
15 hours ago
- Business
- Yahoo
5.4 million patient records exposed in healthcare data breach
Over the past decade, software companies have built solutions for nearly every industry, including healthcare. One term you might be familiar with is software as a service (SaaS), a model by which software is accessed online through a subscription rather than installed on individual machines. In healthcare, SaaS providers are now a common part of the ecosystem. But, recently, many of them have made headlines for the wrong reasons. Several data breaches have been traced back to vulnerabilities at these third-party service providers. The latest incident comes from one such firm, which has now confirmed that hackers stole the health information of over 5 million people in the United States during a cyberattack in January. Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you'll get instant access to my Ultimate Scam Survival Guide — free when you join. Ascension Healthcare Data Breach Exposes 430,000 Patient Records Episource, a big name in healthcare data analytics and coding services, has confirmed a major cybersecurity incident (via Bleeping Computer). The breach involved sensitive health information belonging to over 5 million people in the United States. The company first noticed suspicious system activity Feb. 6, 2025, but the actual compromise began ten days earlier. Read On The Fox News App An internal investigation revealed that hackers accessed and copied private data between Jan. 27 and Feb. 6. The company insists that no financial information was taken, but the stolen records do include names, contact details, Social Security numbers, Medicaid IDs and full medical histories. Episource claims there's no evidence the information has been misused, but because they haven't seen the fallout yet doesn't mean it isn't happening. Once data like this is out, it spreads fast, and the consequences don't wait for official confirmation. Over 8 Million Patient Records Leaked In Healthcare Data Breach The healthcare industry has embraced cloud-based services to improve efficiency, scale operations and reduce overhead. Companies like Episource enable healthcare payers to manage coding and risk adjustment at a much larger scale. But this shift has also introduced new risks. When third-party vendors handle patient data, the security of that data becomes dependent on their infrastructure. Healthcare data is among the most valuable types of personal information for hackers. Unlike payment card data, which can be changed quickly, medical and identity records are long-term assets on the dark web. These breaches can lead to insurance fraud, identity theft and even blackmail. Episource is not alone in facing this kind of attack. In the past few years, several healthcare SaaS providers have faced breaches, including Accellion and Blackbaud. These incidents have affected millions of patients and have led to class-action lawsuits and stricter government scrutiny. What Is Artificial Intelligence (Ai)? 5.5 Million Patients Exposed By Major Healthcare Data Breach If your information was part of the healthcare breach or any similar one, it's worth taking a few steps to protect yourself. 1. Consider identity theft protection services: Since the healthcare data breach exposed personal and financial information, it's crucial to stay proactive against identity theft. Identity theft protection services offer continuous monitoring of your credit reports, Social Security number and even the dark web to detect if your information is being misused. These services send you real-time alerts about suspicious activity, such as new credit inquiries or attempts to open accounts in your name, helping you act quickly before serious damage occurs. Beyond monitoring, many identity theft protection companies provide dedicated recovery specialists who assist you in resolving fraud issues, disputing unauthorized charges and restoring your identity if it's compromised. See my tips and best picks on how to protect yourself from identity theft. 2. Use personal data removal services: The healthcare data breach leaks loads of information about you, and all this could end up in the public domain, which essentially gives anyone an opportunity to scam you. One proactive step is to consider personal data removal services, which specialize in continuously monitoring and removing your information from various online databases and websites. While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Check out my top picks for data removal services here. Get a free scan to find out if your personal information is already out on the web. 3. Have strong antivirus software: Hackers have people's email addresses and full names, which makes it easy for them to send you a phishing link that installs malware and steals all your data. These messages are socially engineered to catch them, and catching them is nearly impossible if you're not careful. However, you're not without defenses. The best way to safeguard yourself from malicious links is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices. 4. Enable two-factor authentication: While passwords weren't part of the data breach, you still need to enable two-factor authentication (2FA). It gives you an extra layer of security on all your important accounts, including email, banking and social media. 2FA requires you to provide a second piece of information, such as a code sent to your phone, in addition to your password when logging in. This makes it significantly harder for hackers to access your accounts, even if they have your password. Enabling 2FA can greatly reduce the risk of unauthorized access and protect your sensitive data. 5. Be wary of mailbox communications: Bad actors may also try to scam you through snail mail. The data leak gives them access to your address. They may impersonate people or brands you know and use themes that require urgent attention, such as missed deliveries, account suspensions and security alerts. Windows 10 Security Flaws Leave Millions Vulnerable What makes this breach especially alarming is that many of the affected patients may have never even heard of Episource. As a business-to-business vendor, Episource operates in the background, working with insurers and healthcare providers, not with patients directly. The people affected were customers of those companies, yet it's their most sensitive data now at risk because of a third party they never chose or trusted. This kind of indirect relationship muddies the waters when it comes to responsibility and makes it even harder to demand transparency or hold anyone accountable. Do you think healthcare companies are investing enough in their cybersecurity infrastructure? Let us know by writing us at For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Ask Kurt a question or let us know what stories you'd like us to cover Follow Kurt on his social channels Facebook YouTube Instagram Answers to the most asked CyberGuy questions: What is the best way to protect your Mac, Windows, iPhone and Android devices from getting hacked? What is the best way to stay private, secure and anonymous while browsing the web? How can I get rid of robocalls with apps and data removal services? How do I remove my private data from the internet? New from Kurt: Try CyberGuy's new games (crosswords, word searches, trivia and more!) CyberGuy's Exclusive Coupons and Deals Copyright 2025 All rights reserved. Original article source: 5.4 million patient records exposed in healthcare data breach
Fox News
18 hours ago
- Health
- Fox News
5.4 million patient records exposed in healthcare data breach
Over the past decade, software companies have built solutions for nearly every industry, including healthcare. One term you might be familiar with is software as a service (SaaS), a model by which software is accessed online through a subscription rather than installed on individual machines. In healthcare, SaaS providers are now a common part of the ecosystem. But, recently, many of them have made headlines for the wrong reasons. Several data breaches have been traced back to vulnerabilities at these third-party service providers. The latest incident comes from one such firm, which has now confirmed that hackers stole the health information of over 5 million people in the United States during a cyberattack in January. Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you'll get instant access to my Ultimate Scam Survival Guide — free when you join. Episource, a big name in healthcare data analytics and coding services, has confirmed a major cybersecurity incident (via Bleeping Computer). The breach involved sensitive health information belonging to over 5 million people in the United States. The company first noticed suspicious system activity Feb. 6, 2025, but the actual compromise began ten days earlier. An internal investigation revealed that hackers accessed and copied private data between Jan. 27 and Feb. 6. The company insists that no financial information was taken, but the stolen records do include names, contact details, Social Security numbers, Medicaid IDs and full medical histories. Episource claims there's no evidence the information has been misused, but because they haven't seen the fallout yet doesn't mean it isn't happening. Once data like this is out, it spreads fast, and the consequences don't wait for official confirmation. The healthcare industry has embraced cloud-based services to improve efficiency, scale operations and reduce overhead. Companies like Episource enable healthcare payers to manage coding and risk adjustment at a much larger scale. But this shift has also introduced new risks. When third-party vendors handle patient data, the security of that data becomes dependent on their infrastructure. Healthcare data is among the most valuable types of personal information for hackers. Unlike payment card data, which can be changed quickly, medical and identity records are long-term assets on the dark web. These breaches can lead to insurance fraud, identity theft and even blackmail. Episource is not alone in facing this kind of attack. In the past few years, several healthcare SaaS providers have faced breaches, including Accellion and Blackbaud. These incidents have affected millions of patients and have led to class-action lawsuits and stricter government scrutiny. If your information was part of the healthcare breach or any similar one, it's worth taking a few steps to protect yourself. 1. Consider identity theft protection services: Since the healthcare data breach exposed personal and financial information, it's crucial to stay proactive against identity theft. Identity theft protection services offer continuous monitoring of your credit reports, Social Security number and even the dark web to detect if your information is being misused. These services send you real-time alerts about suspicious activity, such as new credit inquiries or attempts to open accounts in your name, helping you act quickly before serious damage occurs. Beyond monitoring, many identity theft protection companies provide dedicated recovery specialists who assist you in resolving fraud issues, disputing unauthorized charges and restoring your identity if it's compromised. See my tips and best picks on how to protect yourself from identity theft. 2. Use personal data removal services: The healthcare data breach leaks loads of information about you, and all this could end up in the public domain, which essentially gives anyone an opportunity to scam you. One proactive step is to consider personal data removal services, which specialize in continuously monitoring and removing your information from various online databases and websites. While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Check out my top picks for data removal services here. Get a free scan to find out if your personal information is already out on the web. 3. Have strong antivirus software: Hackers have people's email addresses and full names, which makes it easy for them to send you a phishing link that installs malware and steals all your data. These messages are socially engineered to catch them, and catching them is nearly impossible if you're not careful. However, you're not without defenses. The best way to safeguard yourself from malicious links is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices. 4. Enable two-factor authentication: While passwords weren't part of the data breach, you still need to enable two-factor authentication (2FA). It gives you an extra layer of security on all your important accounts, including email, banking and social media. 2FA requires you to provide a second piece of information, such as a code sent to your phone, in addition to your password when logging in. This makes it significantly harder for hackers to access your accounts, even if they have your password. Enabling 2FA can greatly reduce the risk of unauthorized access and protect your sensitive data. 5. Be wary of mailbox communications: Bad actors may also try to scam you through snail mail. The data leak gives them access to your address. They may impersonate people or brands you know and use themes that require urgent attention, such as missed deliveries, account suspensions and security alerts. What makes this breach especially alarming is that many of the affected patients may have never even heard of Episource. As a business-to-business vendor, Episource operates in the background, working with insurers and healthcare providers, not with patients directly. The people affected were customers of those companies, yet it's their most sensitive data now at risk because of a third party they never chose or trusted. This kind of indirect relationship muddies the waters when it comes to responsibility and makes it even harder to demand transparency or hold anyone accountable. Do you think healthcare companies are investing enough in their cybersecurity infrastructure? Let us know by writing us at For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Follow Kurt on his social channels Answers to the most asked CyberGuy questions: New from Kurt: Copyright 2025 All rights reserved.
Yahoo
19-06-2025
- Health
- Yahoo
Healthcare data breach impacts over five million Americans
American medical coding and risk assessment firm Episource confirmed in a notice that it was affected by a data breach earlier this year. On February 6, Episource discovered unusual activity on its computers, it reported in the notice. It began investigating, involving a special team and law enforcement, and learned that a cybercriminal viewed and took copies of data between January 27 and February 6. SEE ALSO: Asana bug in new AI feature may have exposed data to other users for weeks According to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights, this data breach has impacted around 5.4 million people. Episource submitted the breach to HHS on June 6. While the data seen and taken may not have been the same for everyone, the information involved in the breach was: Contact information: Names, addresses, phone numbers, and emails Other personal information: Social Security numbers or dates of birth Health insurance data: Health plans/policies, insurance companies, member/group ID numbers, and Medicaid/Medicare/government payer ID numbers Health data: medical record numbers, doctors, diagnoses, medicines, test results, images, care, and treatment The notice states that financial, banking, and credit card information "largely were not impacted." Episource began notifying impacted customers of the individuals and data impacted on April 23. It warns that individuals should monitor their explanations of benefits received from their health care plans and their banking statements. If individuals notice suspicious activity on their bank or credit card statements, or receive notices for health services they haven't received, they should report it to the relevant authority (such as their credit card company or doctor). If individuals believe they're victims of a crime, they should contact law enforcement, the notice states. Basically, watch out for healthcare scams. Earlier this year, another massive healthcare data breach (this time at medical non-profit, Laboratory Services Cooperative) compromised the data of over a million people. Healthcare scams, like romance scams and other internet scams, are unfortunately common. The Federal Trade Commission published tips on spotting healthcare scams, such as warning signs and what to do before signing up for a health insurance plan.
Associated Press
19-06-2025
- Business
- Associated Press
Lynch Carpenter Investigates Claims in Episource, LLC Data Breach
PITTSBURGH, June 19, 2025 (GLOBE NEWSWIRE) -- Episource LLC ('Episource') recently announced a data breach, which compromised the personal information of approximately five million individuals. The information potentially impacted in the data breach includes individuals' names, addresses, email addresses, phone numbers, insurance plan information, Medicaid IDs, Social Security numbers, and medical record information, including diagnoses, medicines, test results, images, treatments.1 Lynch Carpenter, LLP is investigating claims against Episource related to this data breach. If you received a data breach notification from Episource, you may be entitled to compensation. Please fill out this form so that an attorney can review your case. About Lynch Carpenter Lynch Carpenter is a national class action law firm with offices in Pennsylvania, California, and Illinois. Our firm has represented millions of clients in data privacy matters for more than a decade and has earned national acclaim for complex litigation for plaintiffs across the country. To learn more, please visit For more information, please call Patrick Donathen at (412) 322-9243, or email him at [email protected]. ___________________________ 1 CONTACT Patrick Donathen COMPANY Lynch Carpenter LLP PHONE (412) 322-9243 EMAIL [email protected] WEB
