Medical billing big Episource is notifying thousands and thousands of individuals throughout the USA that their private and well being data was stolen in a cyberattack earlier this yr.
The breach impacts greater than 5.4 million individuals, in response to an inventory with the U.S. Division of Well being and Human Providers, making it one of many largest healthcare breaches of the yr up to now.
Episource, owned by medical health insurance big UnitedHealth Group’s subsidiary Optum, gives billing adjustment to the docs, hospitals, and different organizations that work within the healthcare trade. As such, the corporate handles giant quantities of sufferers’ private and medical knowledge to course of claims via their medical health insurance.
In notices filed in California and Vermont on Friday, Episource stated a prison was capable of “see and take copies” of affected person and member knowledge from its programs throughout the weeklong breach ending February 6.
The stolen data consists of private data, similar to names, postal and electronic mail addresses, and telephone numbers, in addition to protected well being knowledge, together with medical file numbers, and knowledge referring to docs, diagnoses, medicines, check outcomes, imaging, care, and different remedy. The stolen knowledge additionally comprises medical health insurance data, like well being plans, insurance policies, and member numbers.
Episource didn’t describe the character of the incident, however Sharp Healthcare, one of many corporations that works with Episource and was affected by the cyberattack, advised its clients that the Episource hack was brought on by ransomware.
That is the most recent cybersecurity incident to hit UnitedHealth lately.
Change Healthcare, one of many largest corporations within the U.S. healthcare trade that processes billions of well being transactions every year, was hacked by a ransomware gang in February 2024, resulting in the theft of greater than 190 million Individuals’ private and well being data. The cyberattack was the most important healthcare data breach in U.S. historical past.
A number of months later, UnitedHealth’s Optum unit left an inside chatbot utilized by staff to ask about claims uncovered to the web.
