Unknown miscreants have stolen data describing around 5.4 million customers of healthcare technology firm Episource. The company, which offers a range of tech services in the healthcare sector, admitted to having records stolen in a breach notification letter published last week. Episource said that the incident took place sometime between January 27 and February 6 of this year, though it didn't specify exactly how 'a cybercriminal was able to see and take copies of some data in our computer system.' Whoever made off with the data accessed victims’ Social Security numbers, dates of birth, plus health care data including diagnoses, prescriptions, medical images, and treatment plans. The attackers also stole health insurance data.
Source: https://www.theregister.com/2025/06/23/infosec_news_in_brief/
TPRM report: https://scoringcyber.rankiteo.com/company/episource
"id": "epi300062325",
"linkid": "episource",
"type": "Breach",
"date": "6/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Defense',
'location': 'United States',
'name': 'US Army',
'type': 'Military'}],
'attack_vector': 'Insider Threat',
'data_breach': {'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Classified Data'},
'description': 'Joseph Daniel Schmidt, a former US Army sergeant, has pled '
'guilty to attempting to sell classified data to China. He '
'used his top secret clearance to steal classified data and '
'later contacted the Chinese government while abroad. His '
'amateurish tradecraft involved using personal email addresses '
'and searching for topics related to espionage on Google.',
'impact': {'data_compromised': 'Classified Data',
'legal_liabilities': 'Up to a decade behind bars and a $250,000 '
'fine'},
'motivation': 'Financial Gain',
'threat_actor': 'Joseph Daniel Schmidt',
'title': 'Former US Army Sergeant Attempts to Sell Classified Data to China',
'type': 'Data Theft'}