Millions at Risk as Episource Confirms Major Health Data Breach
📷 Image source: techcrunch.com
Healthcare analytics firm Episource has begun notifying millions of individuals that their sensitive medical information was compromised in a recent cyberattack. The breach, which the company disclosed in regulatory filings this week, exposed patient records containing diagnoses, treatment histories, and insurance details.
According to Episource, unauthorized actors accessed its systems in early 2025, though the intrusion wasn't detected until months later. The delayed discovery raises concerns about security protocols at the company, which processes medical records for insurers and healthcare providers nationwide.
Cybersecurity experts note this breach follows a troubling pattern in healthcare data security. 'Medical information is 50 times more valuable than credit card data on the dark web,' said Dr. Sarah Chen, a health IT security specialist at Johns Hopkins University. 'These records contain permanent information that can't simply be canceled like a credit card.'
The notification comes as federal regulators increase scrutiny of healthcare data protection. The Department of Health and Human Services recently proposed stricter reporting requirements for breaches affecting over 500 patients. Episource has established a call center for affected individuals but faces potential class-action lawsuits over the incident.
Additional reporting from Becker's Hospital Review reveals this is the third major healthcare data breach this quarter, underscoring vulnerabilities in an industry increasingly targeted by cybercriminals. Patients are advised to monitor medical statements and credit reports for signs of identity theft.
