Medical software company Episource this week began notifying victims of a January 2025 data breach that compromised medical records and health insurance info. Sharp Healthcare, an Episource client in California, is also notifying patients of the breach. Episource has not disclosed how many victims it notified nationwide, but the Texas Attorney General reports 24,259 people were notified of the breach in that state alone.
In a blog post reporting this news, Paul Bischoff, Consumer Privacy Advocate at Comparitech, wrote:
“In 2025 to date, Comparitech has logged three confirmed ransomware attacks on US healthcare-related businesses that do not provide direct care to patients. Attacks on these companies can have far-reaching consequences for hospitals, clinics, and other direct care providers that use them. Last year, 29 such attacks compromised nearly 193 million records. Ransomware gangs in 2025 so far have made another 24 unconfirmed attack claims against healthcare-related companies that haven’t been publicly acknowledged by the targeted companies.”
“As for direct care providers like hospitals and clinics, Comparitech researchers have logged 27 confirmed ransomware attacks in 2025 so far, compromising more than 1.9 million records. Ransomware attacks on healthcare providers can cripple critical systems and endanger the health, privacy, and security of patients. Targeted companies must pay a ransom or face extended downtime, data loss, and putting patients and staff at increased risk of fraud. Hospitals and clinics might have to resort to pen and paper, cancel appointments, and divert patients elsewhere until systems are restored.”
Yet again I am reporting on another health care breach. That’s continues not to be a good thing as it underscores how vulnerable this space is. Changing this in a different direction has to be a priority.
Related
This entry was posted on June 13, 2025 at 2:17 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Medical software maker Episource data breach leaks thousands of patients’ private health info
Medical software company Episource this week began notifying victims of a January 2025 data breach that compromised medical records and health insurance info. Sharp Healthcare, an Episource client in California, is also notifying patients of the breach. Episource has not disclosed how many victims it notified nationwide, but the Texas Attorney General reports 24,259 people were notified of the breach in that state alone.
In a blog post reporting this news, Paul Bischoff, Consumer Privacy Advocate at Comparitech, wrote:
“In 2025 to date, Comparitech has logged three confirmed ransomware attacks on US healthcare-related businesses that do not provide direct care to patients. Attacks on these companies can have far-reaching consequences for hospitals, clinics, and other direct care providers that use them. Last year, 29 such attacks compromised nearly 193 million records. Ransomware gangs in 2025 so far have made another 24 unconfirmed attack claims against healthcare-related companies that haven’t been publicly acknowledged by the targeted companies.”
“As for direct care providers like hospitals and clinics, Comparitech researchers have logged 27 confirmed ransomware attacks in 2025 so far, compromising more than 1.9 million records. Ransomware attacks on healthcare providers can cripple critical systems and endanger the health, privacy, and security of patients. Targeted companies must pay a ransom or face extended downtime, data loss, and putting patients and staff at increased risk of fraud. Hospitals and clinics might have to resort to pen and paper, cancel appointments, and divert patients elsewhere until systems are restored.”
Yet again I am reporting on another health care breach. That’s continues not to be a good thing as it underscores how vulnerable this space is. Changing this in a different direction has to be a priority.
Share this:
Like this:
Related
This entry was posted on June 13, 2025 at 2:17 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.