American medical coding and Watch Maninilip Onlinerisk assessment firm Episource confirmed in a notice that it was affected by a data breach earlier this year.

On February 6, Episource discovered unusual activity on its computers, it reported in the notice. It began investigating, involving a special team and law enforcement, and learned that a cybercriminal viewed and took copies of data between January 27 and February 6.

SEE ALSO: Asana bug in new AI feature may have exposed data to other users for weeks

According to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights, this data breach has impacted around 5.4 million people. Episource submitted the breach to HHS on June 6.

You May Also Like

While the data seen and taken may not have been the same for everyone, the information involved in the breach was:

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!

  • Contact information: Names, addresses, phone numbers, and emails

  • Other personal information: Social Security numbers or dates of birth

  • Health insurance data: Health plans/policies, insurance companies, member/group ID numbers, and Medicaid/Medicare/government payer ID numbers

  • Health data: medical record numbers, doctors, diagnoses, medicines, test results, images, care, and treatment

The notice states that financial, banking, and credit card information "largely were not impacted." Episource began notifying impacted customers of the individuals and data impacted on April 23. It warns that individuals should monitor their explanations of benefits received from their health care plans and their banking statements.

If individuals notice suspicious activity on their bank or credit card statements, or receive notices for health services they haven't received, they should report it to the relevant authority (such as their credit card company or doctor). If individuals believe they're victims of a crime, they should contact law enforcement, the notice states. Basically, watch out for healthcare scams.

Related Stories
  • 23andMe's DNA data is going up for sale again
  • What are pig butchering scams? How to protect yourself from online con artists.
  • The top internet scams to be aware of in 2025 (so far)
  • Indeed job offer scam texts are on the rise. How to spot them and what to do.
  • Scammers tricked TikTok users into downloading malware with AI videos

Earlier this year, another massive healthcare data breach (this time at medical non-profit, Laboratory Services Cooperative) compromised the data of over a million people.

Healthcare scams, like romance scams and other internet scams, are unfortunately common. The Federal Trade Commission published tips on spotting healthcare scams, such as warning signs and what to do before signing up for a health insurance plan.

Topics Cybersecurity Health Privacy