The huge episolus of medical billing has informed millions of people across the United States that their personal and health information had been stolen in a cyberattack earlier this year.
According to a listing of the US Department of Health and Human Services, the violation has affected more than 5.4 million people, making it one of the biggest healthcare violations to date.
Owned by Optum, a subsidiary of Health Insurance Giant UnitedHealth Group, Episource provides billing adjustments to doctors, hospitals, and other organizations working in the healthcare industry. That's why the company processes large amounts of patient personal and medical data and processes claims through health insurance.
In a notice filed Friday with California and Vermont, Episols said offenders can “see a copy” of patient and member data and “see” a “copy” of member data from that system during the week of violations that ends February 6th.
Stolen information includes protected health data such as personal information such as name, postal and email addresses, telephone numbers, medical record numbers, doctors, diagnosis, medication, medication, test results, imaging, care, and other treatment data. The stolen data also includes health insurance information such as health plans, insurance and member numbers.
Although Episols did not explain the nature of the incident, Sharp Healthcare, one of the companies affected by the cyberattacks, told customers that Episols' hacks were caused by ransomware.
This is the latest cybersecurity incident that has been hit with UnitedHealth in recent years.
One of the largest companies in the US healthcare industry, processing billions of health transactions each year, Health Healthcare was hacked by a ransomware gang in February 2024, leading to the theft of personal and health information for over 190 million Americans. The cyberattack was the biggest healthcare data breach in US history.
A few months later, the UnitedHealth Optum unit left an internal chatbot used by employees to ask about bills exposed to the internet.