CyberSecurity news
FlagThis
@www.healthcarefinancenews.com
//
The healthcare sector has been rocked by a recent ransomware attack on Episource, a medical coding, risk adjustment services, and software company. The breach, which occurred in February 2025, resulted in the compromise of sensitive patient health information. According to reports, unauthorized access to Episource's computer systems allowed cybercriminals to view and copy data belonging to the company's healthcare provider and health plan customers. The exposed information includes personal contact information, health insurance plan data, medical diagnoses, test results, and images, raising serious concerns about patient privacy and security.
Sharp Community Medical Group and Sharp Healthcare, Episource clients, have confirmed that patient data was compromised in the attack. While the incident did not involve unauthorized access to electronic health records or patient portals, the exposed data includes health insurance information and health data, such as medical record numbers, doctors, diagnoses, medications, test results, images, care, and treatments. Episource began notifying affected customers about which individuals and specific data may have been involved starting on April 23, 2025. Sharp Healthcare has also started sending out patient breach notifications.
This incident highlights the increasing vulnerability of healthcare organizations to ransomware attacks. Microsoft reports that 389 healthcare companies have been hit by ransomware this year alone, resulting in network shutdowns, offline systems, rescheduled appointments, and delays in critical procedures. The financial impact is significant, with healthcare organizations losing up to $900,000 per day on downtime. Experts emphasize the importance of strengthening cybersecurity measures, including employee training and awareness programs, to protect sensitive patient data and mitigate the risk of future attacks. Episource is working to strengthen its computer systems and has notified law enforcement.
References :
Sharp Community Medical Group and Sharp Healthcare, Episource clients, have confirmed that patient data was compromised in the attack. While the incident did not involve unauthorized access to electronic health records or patient portals, the exposed data includes health insurance information and health data, such as medical record numbers, doctors, diagnoses, medications, test results, images, care, and treatments. Episource began notifying affected customers about which individuals and specific data may have been involved starting on April 23, 2025. Sharp Healthcare has also started sending out patient breach notifications.
This incident highlights the increasing vulnerability of healthcare organizations to ransomware attacks. Microsoft reports that 389 healthcare companies have been hit by ransomware this year alone, resulting in network shutdowns, offline systems, rescheduled appointments, and delays in critical procedures. The financial impact is significant, with healthcare organizations losing up to $900,000 per day on downtime. Experts emphasize the importance of strengthening cybersecurity measures, including employee training and awareness programs, to protect sensitive patient data and mitigate the risk of future attacks. Episource is working to strengthen its computer systems and has notified law enforcement.
Share:
References :
- www.comparitech.com: Medical software maker Episource data breach leaks thousands of patients’ private health info
- www.healthcareitnews.com: Episource ransomware attack leaked patient health data
Classification:
- HashTags: #Ransomware #DataBreach #Healthcare
- Company: Episource
- Target: Patients
- Product: Analytics Tools
- Feature: Data Leak
- Malware: Ransomware
- Type: Ransomware
- Severity: Major