An IT vendor data breach involving 5.4 million individuals has ensnared health systems.
Episource, an Optum subsidiary that provides medical coding and risk adjustment services to health systems and payers, said it turned off its computer systems Feb. 6 after detecting unusual activity on its network. The firm later determined that a cybercriminal accessed and stole data between Jan. 27 and Feb. 6.
The data may have included names, dates of birth, Social Security numbers, diagnoses, medications and treatment information. Episource said it has no evidence any of the data has been misused.
San Diego-based Sharp HealthCare reported to HHS that 24,971 of its patients were affected by the breach, while San Diego-based Sharp Community Medical Group said 2,029 of its patients were impacted.
Another Optum subsidiary, Change Healthcare, fell victim to the largest-ever healthcare data breach in 2024.
