A data breach at Episource, a medical billing company, exposed the personal and health information of over 5.4 million people. The breach, discovered on February 6, 2025, involved cybercriminals accessing and copying sensitive data for about 10 days. The compromised data includes names, addresses, phone numbers, email addresses, Social Security numbers, dates of birth, insurance details, Medicaid and Medicare information, and protected health information such as diagnoses, medications, test results, and medical treatment records.
Source: https://www.infosecurity-magazine.com/news/54-million-affected-episource/
TPRM report: https://scoringcyber.rankiteo.com/company/episource
"id": "epi415071725",
"linkid": "episource",
"type": "Ransomware",
"date": "7/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '5.4 million',
'industry': 'Healthcare',
'location': 'US',
'name': 'Episource',
'type': 'Medical Billing Company'}],
'attack_vector': 'Ransomware',
'data_breach': {'data_exfiltration': True,
'number_of_records_exposed': '5.4 million',
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Full name',
'Phone number',
'Email and physical address',
'Date of birth',
'Social Security number',
'Health insurance details',
'Medical data',
'Medicaid and Medicare '
'identification numbers']},
'date_detected': '2025-02-06',
'description': 'A data breach at medical billing company Episource has '
'exposed the personal and health information of more than 5.4 '
'million people across the US.',
'impact': {'data_compromised': ['Full name',
'Phone number',
'Email and physical address',
'Date of birth',
'Social Security number',
'Health insurance details',
'Medical data',
'Medicaid and Medicare identification '
'numbers'],
'identity_theft_risk': True},
'initial_access_broker': {'reconnaissance_period': '10 days'},
'motivation': 'Access to massive amounts of PHI',
'ransomware': {'data_exfiltration': True},
'recommendations': ['Prevent unauthorized lateral movement within the network',
'Implement a privileged remote access strategy'],
'references': [{'source': 'Cyber Incident Description'}],
'response': {'containment_measures': ['Temporarily shut down systems'],
'law_enforcement_notified': True,
'recovery_measures': ['Offering free identity protection and '
'credit monitoring']},
'title': 'Data Breach at Episource',
'type': 'Data Breach'}