Epic Management LLC

Epic Management LLC suffered a data breach caused by external system hacking between March 2, 2021, and October 9, 2021, compromising the personal information of 10,050 individuals, including two residents of South Carolina. The breach exposed sensitive data, though the exact nature of the leaked information (e.g., financial, medical, or personally identifiable details) was not explicitly disclosed in the report. Affected individuals were notified via written correspondence on December 14, 2022, over a year after the breach’s discovery, and were offered 12 months of identity theft protection services as a remedial measure. The incident highlights vulnerabilities in Epic Management LLC’s cybersecurity defenses, allowing unauthorized actors to infiltrate and exfiltrate data over an extended period. While the company took steps to mitigate risks post-breach, the delay in detection and notification raises concerns about proactive monitoring and response protocols. The breach’s scale and the provision of identity protection suggest the compromised data could enable fraud or identity theft, though no immediate financial or operational disruptions to the company were reported. The attack underscores the persistent threat posed by external hackers targeting organizations with weak perimeter security or delayed incident response mechanisms.

Source: https://www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/d1b019d5-ab4c-4d61-980a-31967dd37d96.shtml

TPRM report: https://www.rankiteo.com/company/epic-management-lp

"id": "epi239090125",
"linkid": "epic-management-lp",
"type": "Breach",
"date": "3/2021",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 10050,
                        'name': 'Epic Management LLC',
                        'type': 'Organization'}],
 'attack_vector': 'External System Hacking',
 'customer_advisories': 'Identity theft protection services offered for 12 '
                        'months',
 'data_breach': {'number_of_records_exposed': 10050,
                 'personally_identifiable_information': True},
 'date_publicly_disclosed': '2022-12-14',
 'description': 'The Maine Office of the Attorney General reported that Epic '
                'Management LLC experienced a data breach due to external '
                'system hacking that occurred between March 2, 2021, and '
                'October 9, 2021. A total of 10,050 individuals were affected, '
                'including 2 residents of South Carolina. Written '
                'notifications were sent on December 14, 2022, and identity '
                'theft protection services were offered for 12 months.',
 'impact': {'data_compromised': True, 'identity_theft_risk': True},
 'references': [{'source': 'Maine Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': ['Maine Office of the '
                                                        'Attorney General',
                                                        'South Carolina '
                                                        'residents (2 '
                                                        'affected)']},
 'response': {'communication_strategy': 'Written notifications sent to '
                                        'affected individuals'},
 'title': 'Epic Management LLC Data Breach (2021)',
 'type': 'Data Breach'}