NEWNow you can hearken to Fox Information articles!
Over the previous decade, software program corporations have constructed options for almost each trade, together with healthcare. One time period you could be conversant in is software program as a service (SaaS), a mannequin by which software program is accessed on-line by a subscription reasonably than put in on particular person machines.
In healthcare, SaaS suppliers at the moment are a standard a part of the ecosystem. However, just lately, a lot of them have made headlines for the incorrect causes.
A number of knowledge breaches have been traced again to vulnerabilities at these third-party service suppliers. The newest incident comes from one such agency, which has now confirmed that hackers stole the well being info of over 5 million individuals in the USA throughout a cyberattack in January.
Join my FREE CyberGuy Report
Get my finest tech suggestions, pressing safety alerts and unique offers delivered straight to your inbox. Plus, you’ll get on the spot entry to my Final Rip-off Survival Information — free once you be part of.
ASCENSION HEALTHCARE DATA BREACH EXPOSES 430,000 PATIENT RECORDS
A healthcare employee taking a look at knowledge on a pill (Kurt “CyberGuy” Knutsson)
SaaS agency results in main healthcare blunder
Episource, a giant title in healthcare knowledge analytics and coding providers, has confirmed a serious cybersecurity incident (by way of Bleeping Pc). The breach concerned delicate well being info belonging to over 5 million individuals in the USA. The corporate first seen suspicious system exercise Feb. 6, 2025, however the precise compromise started ten days earlier.
An inner investigation revealed that hackers accessed and copied non-public knowledge between Jan. 27 and Feb. 6. The corporate insists that no monetary info was taken, however the stolen data do embrace names, contact particulars, Social Safety numbers, Medicaid IDs and full medical histories.
Episource claims there’s no proof the data has been misused, however as a result of they haven’t seen the fallout but doesn’t imply it isn’t occurring. As soon as knowledge like that is out, it spreads quick, and the results don’t look ahead to official affirmation.
A girl taking a look at a well being app on her smartphone (Kurt “CyberGuy” Knutsson)
OVER 8 MILLION PATIENT RECORDS LEAKED IN HEALTHCARE DATA BREACH
Why healthcare SaaS is a rising goal
The healthcare trade has embraced cloud-based providers to enhance effectivity, scale operations and scale back overhead. Firms like Episource allow healthcare payers to handle coding and danger adjustment at a a lot bigger scale. However this shift has additionally launched new dangers. When third-party distributors deal with affected person knowledge, the safety of that knowledge turns into depending on their infrastructure.
Healthcare knowledge is among the many most useful kinds of private info for hackers. In contrast to fee card knowledge, which could be modified shortly, medical and identification data are long-term property on the darkish net. These breaches can result in insurance coverage fraud, identification theft and even blackmail.
Episource is just not alone in dealing with this type of assault. Prior to now few years, a number of healthcare SaaS suppliers have confronted breaches, together with Accellion and Blackbaud. These incidents have affected tens of millions of sufferers and have led to class-action lawsuits and stricter authorities scrutiny.
WHAT IS ARTIFICIAL INTELLIGENCE (AI)?
A healthcare employee typing on her laptop computer (Kurt “CyberGuy” Knutsson)
5.5 MILLION PATIENTS EXPOSED BY MAJOR HEALTHCARE DATA BREACH
5 methods you possibly can shield your self from healthcare knowledge breach
In case your info was a part of the healthcare breach or any related one, it’s price taking a couple of steps to guard your self.
1. Contemplate identification theft safety providers: Because the healthcare knowledge breach uncovered private and monetary info, it’s essential to remain proactive towards identification theft. Identification theft safety providers supply steady monitoring of your credit score experiences, Social Safety quantity and even the darkish net to detect in case your info is being misused.
These providers ship you real-time alerts about suspicious exercise, reminiscent of new credit score inquiries or makes an attempt to open accounts in your title, serving to you act shortly earlier than critical injury happens. Past monitoring, many identification theft safety corporations present devoted restoration specialists who help you in resolving fraud points, disputing unauthorized costs and restoring your identification if it’s compromised. See my suggestions and finest picks on how you can shield your self from identification theft.
2. Use private knowledge removing providers: The healthcare knowledge breach leaks a great deal of details about you, and all this might find yourself within the public area, which basically provides anybody a chance to rip-off you.
One proactive step is to contemplate private knowledge removing providers, which concentrate on constantly monitoring and eradicating your info from numerous on-line databases and web sites. Whereas no service guarantees to take away all of your knowledge from the web, having a removing service is nice if you wish to continuously monitor and automate the method of eradicating your info from a whole lot of websites constantly over an extended time frame. Take a look at my high picks for knowledge removing providers right here.
Get a free scan to seek out out in case your private info is already out on the internet.
3. Have sturdy antivirus software program: Hackers have individuals’s electronic mail addresses and full names, which makes it simple for them to ship you a phishing hyperlink that installs malware and steals all of your knowledge. These messages are socially engineered to catch them, and catching them is almost not possible in case you’re not cautious. Nevertheless, you’re not with out defenses.
One of the best ways to safeguard your self from malicious hyperlinks is to have sturdy antivirus software program put in on all of your gadgets. This safety may also provide you with a warning to phishing emails and ransomware scams, preserving your private info and digital property protected. Get my picks for the perfect 2025 antivirus safety winners on your Home windows, Mac, Android and iOS gadgets.
4. Allow two-factor authentication: Whereas passwords weren’t a part of the information breach, you continue to have to allow two-factor authentication (2FA). It provides you an additional layer of safety on all of your necessary accounts, together with electronic mail, banking and social media. 2FA requires you to supply a second piece of data, reminiscent of a code despatched to your cellphone, along with your password when logging in. This makes it considerably more durable for hackers to entry your accounts, even when they’ve your password. Enabling 2FA can vastly scale back the danger of unauthorized entry and shield your delicate knowledge.
5. Be cautious of mailbox communications: Unhealthy actors may attempt to rip-off you thru snail mail. The info leak provides them entry to your tackle. They might impersonate individuals or manufacturers you realize and use themes that require pressing consideration, reminiscent of missed deliveries, account suspensions and safety alerts.
WINDOWS 10 SECURITY FLAWS LEAVE MILLIONS VULNERABLE
Kurt’s key takeaways
What makes this breach particularly alarming is that lots of the affected sufferers could have by no means even heard of Episource. As a business-to-business vendor, Episource operates within the background, working with insurers and healthcare suppliers, not with sufferers immediately. The individuals affected had been clients of these corporations, but it is their most delicate knowledge now in danger due to a 3rd occasion they by no means selected or trusted. This type of oblique relationship muddies the waters in the case of accountability and makes it even more durable to demand transparency or maintain anybody accountable.
CLICK HERE TO GET THE FOX NEWS APP
Do you suppose healthcare corporations are investing sufficient of their cybersecurity infrastructure? Tell us by writing us at Cyberguy.com/Contact
For extra of my tech suggestions and safety alerts, subscribe to my free CyberGuy Report Publication by heading to Cyberguy.com/Publication
Ask Kurt a query or tell us what tales you need us to cowl
Observe Kurt on his social channels
Solutions to essentially the most requested CyberGuy questions:
New from Kurt:
Copyright 2025 CyberGuy.com. All rights reserved.