Two Software Companies Report Significant Breaches of Health Data Security


Ocuco and Episource Breaches Impact Health Sector Clients and Patients

2 Software Firms Report Major Health Data Theft Hacks
Ocuco from Ireland and Episource from California recently reported significant data theft incidents to U.S. regulators. (Image: Getty Images)

Recent hacking events have been reported by Ocuco, a software provider based in Ireland that specializes in eye care solutions, and Episource, a California-based firm offering medical coding services. These incidents are projected to have affected numerous clients and potentially hundreds of thousands of individuals across the U.S.

According to Ocuco’s report to the U.S. Department of Health and Human Services, a compromised network server impacted almost 241,000 individuals. A ransomware group identified as KillSec asserts possession of over 340 gigabytes of Ocuco’s data, which includes more than 670,000 files and 26,000 folders.

An official statement from Ocuco indicated that the company became aware of the breach through a dark web post claiming to have acquired sensitive data from their systems. They initiated a thorough investigation with external cybersecurity experts, discovering unauthorized access to two non-production servers resulting from a previously unknown vulnerability in third-party software used in their infrastructure.

Ocuco reported that its breach impacted almost 241,000 individuals. (Image: Ocuco)

Ocuco confirmed that they have addressed the identified vulnerability and are currently reviewing the affected files to notify individuals whose data may have been compromised, as required by law. They have also reinforced their cybersecurity measures to enhance their defenses against future incidents.

Episource Incident

In a parallel scenario, Episource has begun reaching out to individuals in states including California and Texas regarding a ransomware breach identified in February. Reports indicate that in Texas alone, approximately 24,259 people were affected, although the specific number for California has not been disclosed. Interestingly, this particular breach has yet to be reflected in the U.S. Department of Health and Human Services’ list of significant breaches affecting more than 500 individuals.

Episource’s services are primarily aimed at the healthcare sector, and several affected clients, such as Sharp HealthCare in California and Horizon Blue Cross Blue Shield in New Jersey, have publicly announced the breach. Sharp HealthCare confirmed that it was among the organizations impacted, indicating that unauthorized access to its information occurred between January 27 and February 6, 2025.

Episource is notifying thousands of individuals about a ransomware breach identified earlier this year. (Image: Episource)

The firm has notified law enforcement and enlisted cybersecurity specialists to assist in their ongoing response. Initial findings suggest that sensitive personal information, including names, addresses, and in some instances, Social Security numbers, may have been accessed.

As the repercussions of both breaches unfold, law firms are beginning to investigate the incidents for potential class-action litigation. As of now, the U.S. Department of Health and Human Services’ Office for Civil Rights reports that 314 major data breaches have been logged in 2025, affecting over 22.3 million individuals, with a considerable portion linked to software service vendors.
