- Episourus faced cyber attack in late January 2025
- Sensitive data was taken on 5.4 million people
- The company is now informing the affected persons
American Healthcare data giant Episouus has started informing its customers about the February 2025 data violation in which their sensitive information was stolen.
Eppesource is a healthcare data and technology company that helps health schemes to manage risk adjustment, quality measurement and clinical data through analytics, coding and technology solutions.
On 6 February 2025, the company saw a danger actor breaking his defense and stored sensitive files on its equipment. After closing the IT network, after bringing the third party forensic experts and informing the law enforcement, the company determined that the attackers took “copies of some data” between 27 January and 6 February 2025.
Individual identifiable data
Data included health plans/policies, insurance companies, members/group ID numbers and Medicade-Medicade-Government ID number.
It included health data such as medical record numbers, doctors, diagnosis, medicines, test results, images, care and treatment, as well as other personal data such as birth or social security numbers (SSN).
In a separate report filed in the meantime with the US Health and Human Services Office for civil rights, Episorus confirmed that 5,418,866 people were affected by the attack.
Earlier reports also said that the company started informing him on 23 April 2025, although these were unconfirmed reports.
Cyber criminals often target healthcare organizations for their data, as it can be abused by fishing, identity theft and other forms of scams.
The rogue data can be used personally to assure crafts, emails, who can trick the victims to download malware or share login credentials. This is why Episaurus is now urging the affected persons to be vigilant, and looking out for potential copy and scam efforts.
Through Tekkachchan
