Episource Data Breach Class Action Narrowed After Court Dismissals
A federal court in California has significantly reduced the scope of a class action lawsuit tied to a health data breach involving Episource LLC, a healthcare risk adjustment services firm. U.S. District Judge Stanley Blumenfeld Jr. dismissed most of the 23 named plaintiffs representing over 5.4 million affected individuals citing lack of subject matter and personal jurisdiction.
The ruling leaves only four plaintiffs remaining in the case, as the court determined that the majority failed to establish sufficient legal grounds for their claims against Episource and several associated healthcare providers. The breach, which exposed sensitive health data, had prompted the class action seeking damages for affected individuals.
The decision underscores the legal challenges in pursuing large-scale data breach litigation, particularly when jurisdiction and standing are contested. The case remains active for the remaining plaintiffs, though its scope has been substantially narrowed.
Source: https://news.bloomberglaw.com/ip-law/episource-data-breach-class-action-gets-significantly-narrowed
Episource cybersecurity rating report: https://www.rankiteo.com/company/episource
"id": "EPI1769117944",
"linkid": "episource",
"type": "Breach",
"date": "1/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '5.4 million individuals',
'industry': 'Healthcare',
'location': 'California, USA',
'name': 'Episource LLC',
'type': 'Healthcare risk adjustment services firm'}],
'data_breach': {'number_of_records_exposed': '5.4 million',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Sensitive health data'},
'description': 'A federal court in California has significantly reduced the '
'scope of a class action lawsuit tied to a health data breach '
'involving Episource LLC, a healthcare risk adjustment '
'services firm. The ruling dismissed most of the 23 named '
'plaintiffs representing over 5.4 million affected '
'individuals, leaving only four plaintiffs remaining due to '
'lack of jurisdiction and standing. The breach exposed '
'sensitive health data, prompting the class action seeking '
'damages.',
'impact': {'data_compromised': 'Sensitive health data',
'legal_liabilities': 'Class action lawsuit seeking damages'},
'investigation_status': 'Active (narrowed scope)',
'references': [{'source': 'Federal court ruling'}],
'regulatory_compliance': {'legal_actions': 'Class action lawsuit'},
'title': 'Episource Data Breach Class Action Narrowed After Court Dismissals',
'type': 'Data Breach'}