The healthcare technology company Episource, owned by UnitedHealth Group’s Optum subsidiary, is at the center of a major data breach affecting more than 5.4 million individuals.
The cyberattack, which occurred between January 27 and February 6, was revealed in a recent filing with the U.S. Department of Health and Human Services’ Office for Civil Rights (source).
As a provider of medical coding, risk adjustment, and analytics services, Episource handles large volumes of sensitive personal and medical data, making it a prime target for hackers.
What Was Stolen in the Episource Data Breach?
According to BleepingComputer, the hackers were able to both view and extract copies of personal data from Episource’s systems. The compromised data may include:
- Full names
- Physical and email addresses
- Phone numbers
- Social Security numbers
- Dates of birth
- Medicaid ID and insurance plan details
- Medical record information
Thankfully, no banking or payment card data was exposed.
Dolly Parton on Losing Carl Dean: “If You Hadn’t Been There”
How to Protect Yourself After the Breach
In its notice, Episource confirmed that 5,418,886 people are affected by this breach. Notification letters started going out in April, but additional filings in California and Vermont suggest even more people may be impacted (TechCrunch report).
