https://techcrunch.com/2025/07/14/episource-is-notifying-millions-of-people-that-their-health-data-was-stolen/
Anyone hear anything about this? Optum owns Episource, the breach occurred in February 2025 according to the article and according to the US Dept of Health and Human Services, it was reported on 6/6/25 and affected 5418866 individuals.
@kv I report to him and the only thing I learned from him was fake it until you make it. He has zero experience in security and whatever the rumors about him, he would for sure make females uncomfortable. Please don’t judge his team by his behavior!
Apparently Nico was impacted by the TIF today. Just goes to show his longevity. His peers always questioned his decision making and he knows very little about preventing attacks. The bus has come and hit Nico like it hit many that he pushed!
@ht I'm aware of Gretchen and rest of the check-box people, but the same beat is going on still with Troen promotions. As far as Steve Martin and other unqualified people in infosec, they are there because those who put them there expect them to be people leaders rather than a technical leader. They expect the 'downstream' techies to keep them propped up.
Zero-trust isn't that hard, it's been around for years. The problem for Optum and the UHG acquisition breaches results from politics that shouldn't be there. Look no further than Triple-S hiring back their former employees from what was known as OptumConnect. To much talk and not enough of the right actions.
Nico is not qualified for his current role nor in any way for an architecture job. If he can sit down and explain network traffic as it flows through the infrastructure along with understanding how to secured the infrastructure end-2-end great, otherwise bring in people who have and continue to grow their skills and knowledge.
@hr you just need to see who’s leading these teams… Nico who had a strange relationship with his boss, throwing people under the bus to cover his bad risk decisions.. Gretchen who led the paper pushing useless GRC and then you had a bunch of ops people who were so disconnected! WTF was Steve Martin and the Chsnge people doing in cyber security???
Key cyber leaders need to be fired!
@bn The M&A due diligence is broken along with the ongoing monitoring. The outsourcing of audits to offshore locations hasn't helped either along with the non-technical GRC people.
Yes, this was kept as a N2K (Need to Know) given the other security fiascos going on. Essentially some of the key people from EIS were laid-off and they left people in place that didn't have a hands-on background and didn't created the processes required to prevent or catch weak controls.
There are too many CISOs, there are too many VPs and to many layers of management across the security org. The architects and GRC tech people who designed the M&A due diligence are gone. There are some good people around but not enough.
VP CISO Tim Knight and VP of GRC and Security Heather should find out who has actually produced documentation and processes. No more copy paste, no more letting people stay to were hired by past bad leaders and if your certs and licenses are expired, get out and let those who know how to stop the breach drama do their jobs.
Feels like Optum is doing it on purpose at this point. Trying to blame and cut the acquired companies.
Looks like we need more head-wobbling yes-men to tell you everything is running great! I bet you're glad you saved all that money by offshoring almost all of IT! Yay Optum!
🤡🤡🤡🤡🤡🤡
I work at Burger King
Making flame broiled Whoppers
I wear paper hats
Would you like an apple pie with that?
Would you like an apple pie with that?
Ding fries are done.
classic