Episource, LLC, a leading provider of medical coding and risk adjustment services, has suffered a significant data breach, resulting in the exposure of sensitive personal and health information belonging to thousands of individuals. The breach, discovered on February 6, 2025, was caused by unauthorized access to Episource’s internal systems, enabling cybercriminals to extract confidential patient data over a span of ten days (January 27 – February 6, 2025).
Affected individuals include patients linked to major healthcare providers, such as Sharp HealthCare and Horizon Blue Cross Blue Shield of New Jersey. Episource has begun notifying impacted customers and is offering complimentary credit monitoring and identity protection services to mitigate risks associated with the breach.
- Nature of the Data Compromised
📌 Personally Identifiable Information (PII)
✔️ Full Name
✔️ Date of Birth
✔️ Social Security Number (for some individuals)
✔️ Home Address, Phone Number, Email
📌 Healthcare & Insurance Records
✔️ Medical Record Numbers
✔️ Diagnosis History, Prescription Information, and Test Results
✔️ Doctor Visit Details & Treatment Plans
✔️ Health Insurance Policy Numbers (Medicaid, Medicare, and Private Insurance IDs)
📢 While Episource has not reported any misuse of the leaked data, impacted individuals should exercise caution and monitor financial and healthcare statements for fraudulent activity.
- How Did the Episource Data Breach Happen?
- Cybercriminals gained access to internal systems – Suspicious activity was first detected on February 6, 2025, when Episource’s security team identified anomalies in their network.
- Sensitive patient data was exfiltrated – Investigations confirmed that attackers accessed and copied confidential medical records, insurance details, and personally identifiable information between January 27 and February 6, 2025.
- Episource responded by launching an internal cybersecurity review – The company isolated affected systems, collaborated with law enforcement, and implemented new security measures to prevent further exposure.
- Threat actor identity remains unknown – Although Episource has not publicly disclosed the attackers behind the breach, cybersecurity analysts suspect criminal hacking groups seeking to monetize stolen medical data through dark web transactions.
📢 Healthcare organizations continue to be prime targets for cybercriminals, given the high value of medical and insurance information on illicit markets.
- What Should Affected Individuals Do?
- Enroll in credit monitoring & identity protection services – Episource is providing free subscriptions to assist affected individuals in tracking possible financial fraud.
- Monitor healthcare accounts for suspicious activity – Unauthorized medical claims or fraudulent billing statements could indicate misuse of personal health information.
- Beware of phishing emails or scam calls – Attackers may attempt social engineering tactics, impersonating healthcare providers to steal additional information.
- Consider placing a fraud alert or credit freeze – Contacting major credit bureaus can prevent identity thieves from opening accounts under stolen credentials.
📢 Episource has established a dedicated call center for affected individuals at (877) 786-0549, available Monday through Friday, 8 a.m. to 8 p.m. CST.
- Broader Impact & Security Concerns in the Healthcare Industry
- Healthcare Data Breaches on the Rise – Episource joins a growing list of medical service providers targeted by cybercriminals, including Change Healthcare and Ocuco, underscoring vulnerabilities in healthcare IT security.
- Potential HIPAA Compliance Violations – The breach may trigger federal investigations related to the Health Insurance Portability and Accountability Act (HIPAA), requiring Episource to enhance security protocols.
- Legal Consequences & Class Action Investigations – Attorneys specializing in data privacy law are exploring class-action lawsuits, arguing Episource failed to adequately protect patient records.
