CyberSecurity news
FlagThis - #patients
|
@www.healthcareitnews.com
//
The healthcare sector has been rocked by a recent ransomware attack on Episource, a medical coding, risk adjustment services, and software company. The breach, which occurred in February 2025, resulted in the compromise of sensitive patient health information. According to reports, unauthorized access to Episource's computer systems allowed cybercriminals to view and copy data belonging to the company's healthcare provider and health plan customers. The exposed information includes personal contact information, health insurance plan data, medical diagnoses, test results, and images, raising serious concerns about patient privacy and security.
Sharp Community Medical Group and Sharp Healthcare, Episource clients, have confirmed that patient data was compromised in the attack. While the incident did not involve unauthorized access to electronic health records or patient portals, the exposed data includes health insurance information and health data, such as medical record numbers, doctors, diagnoses, medications, test results, images, care, and treatments. Episource began notifying affected customers about which individuals and specific data may have been involved starting on April 23, 2025. Sharp Healthcare has also started sending out patient breach notifications. This incident highlights the increasing vulnerability of healthcare organizations to ransomware attacks. Microsoft reports that 389 healthcare companies have been hit by ransomware this year alone, resulting in network shutdowns, offline systems, rescheduled appointments, and delays in critical procedures. The financial impact is significant, with healthcare organizations losing up to $900,000 per day on downtime. Experts emphasize the importance of strengthening cybersecurity measures, including employee training and awareness programs, to protect sensitive patient data and mitigate the risk of future attacks. Episource is working to strengthen its computer systems and has notified law enforcement.
Share:
References :
Classification:
Bill Toulas@BleepingComputer
//
Yale New Haven Health (YNHHS) has confirmed a significant data breach impacting 5.5 million patients. The cybersecurity incident, which occurred in March, involved unauthorized access to YNHHS systems, leading to the potential theft of sensitive personal information. The exposed data includes names, dates of birth, medical record numbers, and in some instances, Social Security numbers and health insurance details. YNHHS has alerted affected patients and is working with law enforcement and cybersecurity experts to investigate the breach.
Mandiant's incident response team was brought in to help contain the breach. The healthcare system began notifying affected patients via mail on April 14. The organization is affiliated with Yale University and Yale School of Medicine and is Connecticut's largest provider of its kind, with five hospitals and medical clinics throughout the US state as well as New York and Rhode Island. This cyberattack is considered one of the largest healthcare data breaches of the year. YNHHS has stated that the incident has not affected its ability to provide patient care, with the patient portal and electronic medical records functioning normally. The incident serves as a stark reminder of the increasing cyber threats faced by healthcare organizations and underscores the critical need for robust security measures to safeguard patient data.
Share:
References :
Classification:
|