Episource ransomware attack leaked patient health data

Episource, which develops analysis tools for health care providers, said that it had started to inform patient victims of a health data violation following a ransomware attack in February.

The Sharp Healthcare and Sharp Community Medical Group customer said that if the incident did not involve unauthorized access to its electronic health files or patients’ portals, health insurance and patient health data were exposed.

Why it matters

Episource, a medical coding, risk adjustment services and software companies held by Unitedhealth Group, said in a website opinion that a medical-legal survey confirmed that there had been unauthorized access during an attack on ransomware against its computer systems earlier this year and reported the incident to the California general prosecutor on June 6.

Threat actors were able to access the data of patients held by the health care provider and customers of the company’s health plan between January 27 and February 6. Data that may have been seen or taken vary, said Episource.

“We have learned from our survey that a cybercriminal could have seen and take copies of certain data in our computer systems,” said Episource, adding: “Financial and banking information and payment cards have not been assigned to this incident.”

Data that may have been exfiltrated include personal contact details, health insurance regime, medical diagnostics, test results, images and health information for more protected patients.

Sharp confirmed in a violation notice now published on his website that Episource confirmed for the first time that the health system had been affected by the violation on April 24 and now sent notifications of patient violation.

Although the incident does not imply unauthorized access to electronic health files or patient portals, he said Sharp, he worked closely with Episource to identify which of his patients have been assigned and what types of information have been compromised.

Patient coordinates and health insurance data, such as health plans, members’ identity and group issues, and Medicaid-Medicare Payer IDs may have been exfiltrated. Could also be exposed to their health data – including doctors, diagnostics, drugs, test results, images and processing plans.

The biggest trend

Last year, the attack on another UHG subsidiary – Health payment exchange changes health – the payments of suppliers hampered for months.

This incident stressed how vulnerable health platforms with huge concentrations of precious data are patient data, with 190 million people affected. But that has also proven how health care companies that do not directly provide patient care facing a significant risk of being targeted by threat stakeholders who seek to paralyze the health care provision system on patients.

So far this year, there have been at least three of these ransomware attacks, according to Comarch, a company seeking American and British cybersecurity and online privacy. Friday, 24 other attacks unconfirmed against health care companies have not been publicly recognized, according to the firm’s blog post.

Halfway through the year, these statistics could mean that the health care industry could exceed the number of attacks from last year against health partners. In 2024, 29 attacks on health sales partners compromised nearly 193 million patient files, the company said.

It should be noted that previous comparison searches indicated that ransomware attacks against suppliers cost up to $ 900,000 per day in stopping time, on the basis of attacks that occurred over four years.

At the same time as

“The information has included any social security number, a driving license or identification numbers, government identification numbers, information on the bank account or credit / payment,” said Sharp in a press release.

Andrea Fox is editor -in -chief of Healthcare It News.
E-mail: [email protected]
Healthcare It News is a publication of the Himss media.