Major breach at medical billing giant sees data on 5.4 million users stolen - here's what we know

News
By published

Episource is notifying users about the breach

healthcare
(Image credit: Shutterstock)
  • Episource suffered a cyberattack in late January 2025
  • Sensitive data on 5.4 million people was taken
  • The company is now notifying affected individuals

American healthcare data giant Episource has begun notifying its customers about a February 2025 data breach in which their sensitive information was stolen.

Episource is a healthcare data and technology company that helps health plans manage risk adjustment, quality measurement, and clinical data through analytics, coding, and technology solutions.

On February 6, 2025, the company spotted a threat actor breaching its defenses and accessing sensitive files it had stored on its devices. After shutting down the IT network, bringing in third-party forensics experts, and notifying law enforcement, the company determined that the attackers took “copies of some data” between January 27 and February 6, 2025.

Norton 360 with Lifelock Select
Up to 58% Off

Norton 360 with Lifelock Select

Today’s cyberthreats are more sophisticated and scams are harder to detect. That’s why we made our all-in-one security and identity theft protection more powerful to keep you safer online. Norton 360 with LifeLock now with Genie AI-powered scam detection. Advanced tech for advanced threats. Save 47% on your first year.

View Deal

Personally identifiable data

The data included health plans/policies, insurance companies, member/group ID numbers, and Medicaid-Medicare-government payor ID numbers.

It also included health data such as medical record numbers, doctors, diagnoses, medicines, test results, images, care, and treatment, as well as other personal data such as dates of birth or Social Security numbers (SSN).

In a separate report, filed in the meantime with the US Department of Health and Human Services Office for Civil Rights, Episource confirmed that exactly 5,418,866 people were affected by the attack.

Earlier reports also stated the company started notifying them on April 23, 2025, although these were unconfirmed reports.

Cybercriminals often target healthcare organizations for their data, since it can be abused in phishing, identity theft, and other forms of scams.

Crooks can use the data to craft personalized, convincing emails, which can trick the victims into downloading malware or sharing login credentials. That is why Episource is now urging impacted individuals to stay vigilant, and watch out for potential impersonation and scam attempts.

Via TechCrunch

You might also like

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.