Episource, LLC, is a business associate that provides healthcare technology and solutions, specializing in medical coding, risk adjustment, and data analytics for health plans and providers. On February 6, anomalous activity in their system alerted Episource to a potential attack. In response, they shut down computer systems, initiated an investigation, called in a special team,…
Category: U.S.
HealthEC Agrees to $5.48 Million Settlement to End Data Breach Lawsuit
Daniel Lopez reports: HealthEC LCC and its clients finally reached a settlement to resolve a class action data breach lawsuit involving a hacking incident and data breach in 2023. Analytics software vendor HealthEC, based in New Jersey, provides healthcare companies with a platform to determine high-risk patients and limitations to optimal healthcare. From July 14, 2023…
School Districts Unaware BoardDocs Software Published Their Private Files
Mark Keierleber has an interesting and concerning update on the BoardDocs breach previously reported by DataBreaches on June 1: BoardDocs, a software tool used by thousands of school boards to track meeting minutes and store confidential information, has suffered a data breach affecting districts nationally, The 74 has learned. Records at the center of the…
Help, please: Seeking copies of the PowerSchool ransom email(s)
Help, please: If anyone has a copy of the ransom note sent to PowerSchool in December 2024 or to PowerSchool clients on or about May 7, 2025, please email me a copy or upload it to me on Signal. I want to see not only the body, but the full header and signature. To reach…
Texas DOT investigates breach of crash report records, sends notification letters
Randall Case reports: A compromise of an account has led to improper downloads of a large number of crash records, the Texas Department of Transportation announced Friday. On May 12, TxDOT identified unusual activity in its Crash Records Information System (CRIS) and further investigation revealed the activity originated from an account that was compromised and…
PowerSchool hacker pleads guilty, released on personal recognizance bond
He’s just a frail-looking teenager, but he sent threatening emails to get his victims to pay his extortion demands. Today, 19 year-old Assumption College student Matthew Lane waived indictment and pleaded guilty in a Worcester courtroom to hacking an unnamed telecom company and an unnamed edtech vendor, widely known to be PowerSchool. As per the…