Data Breach Notification,
Data Security,
Fraud Management & Cybercrime
Breaches at Ocuco and Episource Impact Healthcare Clients and Patients
Ocuco, an Ireland-based software provider for eye care practices, and Episource, based in California and focused on medical coding services, have both disclosed separate hacking incidents that could have implications for various clients and potentially impact hundreds of thousands of individuals.
Ocuco recently reported to the U.S. Department of Health and Human Services that a cyber incident involving unauthorized access to their systems had compromised data for approximately 241,000 individuals. The Ransomware group KillSec has claimed to possess over 340 gigabytes of data from Ocuco, including extensive file records.
An Ocuco representative stated that their investigations confirmed unauthorized access to two non-production servers due to a vulnerability within third-party software that wasn’t disclosed in a timely manner. The firm has since patched this vulnerability and is reviewing affected files to notify impacted parties as per legal obligations.
Ocuco’s swift response highlights a focus on cybersecurity enhancement, which is crucial considering the MITRE ATT&CK framework. The initial access might have stemmed from external exploitation, followed by techniques for privilege escalation through third-party software vulnerabilities.
Episource Breach
In a separate incident, Episource has begun notifying individuals across various states, including California and Texas, about a ransomware attack that first came to light in February. Reports indicate that around 24,259 individuals in Texas alone may have been affected, although specifics for other states remain unspecified.
Episource’s operations entail providing crucial coding and risk adjustment services to healthcare entities, which has required affected partners like Sharp HealthCare to issue their own notifications. Upon detecting the ransomware, Episource halted access to its system and initiated an investigation that confirmed unauthorized access to sensitive data between late January and early February.
Data potentially compromised in the Episource attack included personal identifiers and health-related information. The company has reported the incident to law enforcement and sought cybersecurity expertise for a thorough response. The situation reflects the critical importance of safeguarding personal health information, an obligation for healthcare service providers.
Recent reports highlight that the U.S. has seen a significant influx of data breaches in 2025, with 314 incidents impacting over 22.3 million individuals. Within this context, these cases serve as urgent reminders for businesses about the risks posed by third-party vendor vulnerabilities and the necessity of engaging robust cybersecurity measures.
