
Summary
Two software firms, Ocuco and Episource, report major health data breaches affecting hundreds of thousands. Ocuco confirms unauthorized access to its servers and data exfiltration by the KillSec ransomware group. Episource is facing lawsuits related to its ransomware incident.
**Main Story**
Okay, so you won’t believe the news, but two software firms that specialize in healthcare services have just reported some seriously big data breaches. I mean, we’re talking about the sensitive information of hundreds of thousands of people potentially exposed. It’s crazy! These incidents? They just shine a spotlight on how vulnerable healthcare data remains, especially when third-party vendors are involved.
And who are these companies, you ask? Well, there’s Ocuco, an Ireland-based firm providing software for eye care practices, and Episource, a medical coding services company out of California. Let’s dig into them:
Ocuco Breach: Hundreds of Thousands Affected
Ocuco, with over 6,750 client sites spanning 88 countries, reported a breach impacting almost 241,000 people to the U.S. Department of Health and Human Services (HHS) on May 30, 2025. That’s a lot of people. What’s even worse? The ransomware group KillSec claimed responsibility. They’re boasting about having over 340 gigabytes of data, that’s something like 670,000 files and 26,000 folders. Ocuco confirmed unauthorized access to a couple of their non-production servers, blaming the vulnerability on a flaw in some third-party software. They’ve patched it now, supposedly, and added extra security measures. But, of course, the investigation is still underway, trying to figure out exactly who was affected and what data was compromised. Honestly, I feel bad for the teams who are working on this! I’d hate to be in their shoes.
Episource: Lawsuits After Ransomware
Then there’s Episource. They discovered their ransomware incident back in February 2025. And they’ve started notifying affected individuals in states like California and Texas. The exact number of people affected in California is still under wraps, but we do know it impacted 24,259 folks in Texas alone. Episource confirmed a cybercriminal accessed and copied data from their computer systems. As of June 16, 2025, though, the incident hasn’t even shown up on the HHS Office for Civil Rights HIPAA Breach Reporting Tool website yet, you know, the one that lists breaches impacting 500 or more people. What’s worse? At least two proposed class-action lawsuits have already been filed against Episource in a California federal court. Looks like things are going to get messy for them.
An Uptick in Healthcare Data Breaches
These incidents? They’re not isolated; they’re part of a worrying trend of healthcare data breaches. As of June 13, 2025, the HHS Office for Civil Rights (OCR) website lists 314 major data breaches in 2025, impacting over 22.3 million people. And get this: 113 of those breaches, affecting more than 9.5 million people, involved business associates—like software service providers or other third-party vendors. It really underlines how risky these third-party relationships can be for healthcare organizations. A recurring theme? Exploitation of vulnerabilities in third-party software. That’s why robust vendor risk management programs are so important. Healthcare organizations really need to assess the security practices of their vendors. And contracts should definitely include provisions for data protection and incident response. Not to mention regular security audits and penetration testing to help find and fix vulnerabilities before attackers can pounce. I remember a friend telling me a story about how a vulnerability in their system had been found during an audit, averting disaster. It just shows how worthwhile these tests are!
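To put a number on the third-party share the way the 2025 figures above do, here is an added example (not from the article) that totals business-associate involvement over records laid out like the HHS OCR breach portal’s CSV export; the column names are assumed from that export, and the sample rows are constructed.

```python
import csv
import io
from collections import Counter
from datetime import datetime

# Constructed sample rows in the layout of the OCR portal's CSV export (column
# names assumed from that export; entity names and figures are made up).
SAMPLE_CSV = """Name of Covered Entity,State,Covered Entity Type,Individuals Affected,Breach Submission Date,Type of Breach,Business Associate Present
Example Eye Care Software Inc.,NY,Business Associate,241000,05/30/2025,Hacking/IT Incident,Yes
Example Clinic,TX,Healthcare Provider,24259,06/10/2025,Hacking/IT Incident,Yes
Example Health Plan,CA,Health Plan,1200,03/02/2025,Unauthorized Access/Disclosure,No
Example Hospital,FL,Healthcare Provider,800,11/20/2024,Hacking/IT Incident,No
Example Billing Vendor,IL,Business Associate,500,01/15/2025,Hacking/IT Incident,Yes
"""

REPORTING_THRESHOLD = 500  # OCR lists breaches affecting 500 or more individuals


def load_breaches(text):
    """Parse portal-style CSV text into typed records."""
    rows = []
    for r in csv.DictReader(io.StringIO(text)):
        ba_flag = r["Business Associate Present"].strip().lower() == "yes"
        rows.append({
            "entity": r["Name of Covered Entity"],
            "affected": int(r["Individuals Affected"]),
            "date": datetime.strptime(r["Breach Submission Date"], "%m/%d/%Y"),
            "breach_type": r["Type of Breach"],
            # A vendor was involved if it is the reporting entity or flagged as present.
            "ba_involved": ba_flag or r["Covered Entity Type"] == "Business Associate",
        })
    return rows


def summarize_year(rows, year):
    """Reportable breaches in a year, split into those involving a business associate."""
    in_year = [r for r in rows if r["date"].year == year and r["affected"] >= REPORTING_THRESHOLD]
    ba = [r for r in in_year if r["ba_involved"]]
    total = sum(r["affected"] for r in in_year)
    ba_total = sum(r["affected"] for r in ba)
    return {
        "breaches": len(in_year),
        "affected": total,
        "ba_breaches": len(ba),
        "ba_affected": ba_total,
        "ba_share_of_affected": round(ba_total / total, 3) if total else 0.0,
        "by_type": dict(Counter(r["breach_type"] for r in in_year)),
    }
```

Run `summarize_year(load_breaches(SAMPLE_CSV), 2025)` to see the split; swapping in a real portal export gives the same breakdown for actual filings.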
Patient Data Protection: A Shared Task
Protecting patient data isn’t one person’s job. It is everyone’s. It’s a shared responsibility that requires continuous attention and proactive measures. Healthcare organizations and their vendors have to prioritize cybersecurity. And they need to implement strong security measures to safeguard sensitive information. To summarise:
- Multi-Factor Authentication (MFA): Implementing MFA adds an extra layer of security, making it significantly harder for attackers to gain unauthorized access even if they do manage to steal login credentials. It really is a no-brainer. I always say, why make it easier for them?!?
- Regular Software Updates: Keeping software up-to-date? It’s super important for patching known vulnerabilities. And, you know, reducing the risk of exploitation. This applies to everything, not just operating systems but also applications. Don’t skip them.
- Employee Training: Regular security awareness training for employees is essential. I think this helps prevent phishing attacks and other social engineering tactics. These things are commonly used to get initial access to systems. You’d be surprised how many people fall for these tricks.
- Incident Response Plan: A well-defined incident response plan enables organizations to react quickly. It helps them effectively contain a breach, minimize damage, and ensure business continuity. If you don’t have a plan, you’re basically running around like a headless chicken when something goes wrong.
These recent breaches really drive home the ever-present threat of cyberattacks in healthcare. And the growing reliance on third-party vendors is just amplifying the risk. By making cybersecurity a priority and implementing strong security measures, healthcare organizations can better protect patient data. And, you know, maintain the trust of the people they serve. So what does all this mean? It means we all have to be vigilant, stay informed, and keep pushing for better security practices. After all, it’s our data on the line, isn’t it? And it’s worth remembering that this information is current as of June 16, 2025; things are always evolving.
The rise in breaches linked to third-party vendors highlights the critical need for robust vendor risk management programs. Beyond assessments and contracts, how can healthcare organizations effectively monitor vendor compliance with data protection standards on an ongoing basis?
That’s a great point! Continuous monitoring is key. I think tools that automate security checks and data loss prevention (DLP) systems can play a huge role. Real-time alerts and anomaly detection can help catch issues early. What are your thoughts on using AI for enhanced threat detection in vendor environments?
Editor: StorageTech.News
Given the rise in breaches traced to third-party software flaws, what specific security validation strategies, beyond patching, should healthcare organizations mandate for vendors’ software development lifecycle?