Episource

Episource, a medical software company, suffered a data breach in January 2025 that compromised medical records and health insurance information. The breach, resulting from a ransomware attack, affected personal information including health data, health insurance data, and contact information. Sharp Healthcare, a client of Episource, also notified patients of the breach. The Texas Attorney General reported 24,259 people were notified of the breach in Texas alone, indicating a significant impact on customers' data.

Source: https://www.comparitech.com/news/medical-software-maker-episource-data-breach-leaks-thousands-of-patients-private-health-info/

TPRM report: https://scoringcyber.rankiteo.com/company/episource

"id": "epi601061425",
"linkid": "episource",
"type": "Ransomware",
"date": "6/2025",
"severity": "100",
"impact": "",
"explanation": "Attack threatening the organization’s existence"

{'affected_entities': [{'customers_affected': 24259,
                        'industry': 'Healthcare',
                        'location': 'California',
                        'name': 'Sharp Healthcare',
                        'type': 'Healthcare Provider'},
                       {'industry': 'Healthcare',
                        'location': 'India, Los Angeles',
                        'name': 'Episource',
                        'type': 'Medical Software Company'}],
 'customer_advisories': 'Notifications to victims',
 'data_breach': {'data_exfiltration': True,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Medical record numbers',
                                              'Doctors',
                                              'Diagnoses',
                                              'Medications',
                                              'Test results',
                                              'Images',
                                              'Care',
                                              'Treatments',
                                              'Health insurance plans and '
                                              'policies',
                                              'Insurance companies',
                                              'Member and group ID numbers',
                                              'Medicaid-Medicare government '
                                              'payor ID numbers',
                                              'Names',
                                              'Addresses',
                                              'Dates of birth',
                                              'Phone numbers',
                                              'Email addresses']},
 'date_detected': '2025-01-27',
 'description': 'Medical software company Episource experienced a data breach '
                'in January 2025 that compromised medical records and health '
                'insurance information. The breach was a result of a '
                'ransomware attack and affected Sharp Healthcare, an Episource '
                'client in California.',
 'impact': {'data_compromised': ['Health data',
                                 'Health insurance data',
                                 'Contact info']},
 'ransomware': {'data_exfiltration': True},
 'references': [{'source': 'Comparitech'}],
 'regulatory_compliance': {'regulatory_notifications': 'Texas Attorney '
                                                       'General'},
 'response': {'communication_strategy': 'Notifications to victims',
              'third_party_assistance': 'IDX for credit monitoring and '
                                        'identity theft protection'},
 'title': 'Episource Data Breach',
 'type': 'Data Breach, Ransomware Attack'}