Episource is notifying tens of millions of those who their well being information was stolen
Medical billing big Episource is notifying tens of millions of individuals throughout the USA that their private and well being data was stolen in a cyberattack earlier this 12 months.
The breach impacts greater than 5.4 million individuals, based on an inventory with the U.S. Division of Well being and Human Providers, making it one of many largest healthcare breaches of the 12 months thus far.
Episource, owned by medical health insurance big UnitedHealth Group’s subsidiary Optum, supplies billing adjustment to the docs, hospitals, and different organizations that work within the healthcare trade. As such, the corporate handles massive quantities of sufferers’ private and medical information to course of claims by means of their medical health insurance.
In notices filed in California and Vermont on Friday, Episource stated a felony was in a position to “see and take copies” of affected person and member information from its methods through the weeklong breach ending February 6.
The stolen data contains private data, comparable to names, postal and e mail addresses, and cellphone numbers, in addition to protected well being information, together with medical document numbers, and information regarding docs, diagnoses, drugs, take a look at outcomes, imaging, care, and different therapy. The stolen information additionally accommodates medical health insurance data, like well being plans, insurance policies, and member numbers.
Episource didn’t describe the character of the incident, however Sharp Healthcare, one of many corporations that works with Episource and was affected by the cyberattack, advised its prospects that the Episource hack was attributable to ransomware.
That is the most recent cybersecurity incident to hit UnitedHealth in recent times.
Change Healthcare, one of many largest corporations within the U.S. healthcare trade that processes billions of well being transactions annually, was hacked by a ransomware gang in February 2024, resulting in the theft of greater than 190 million People’ private and well being data. The cyberattack was the biggest healthcare information breach in U.S. historical past.
A number of months later, UnitedHealth’s Optum unit left an inside chatbot utilized by staff to ask about claims uncovered to the web.