Epocrates has fixed an issue in older versions of its mobile application regarding how login credentials were transmitted. In addition to releasing the new versions in the App Store and on Google Play, Epocrates is proactively communicating to the Epocrates community what happened, and encouraging users to update to the latest version, including having direct communications with users who appear not to have updated. Importantly, there is no indication that any user’s Epocrates credentials were compromised, but as a security precaution we are recommending that users also reset their passwords once they update the app.

On November 16, 2015, academic researchers Jingjing Ren and David Choffnes of the Recon Project at Northeastern University notified Epocrates of this issue. The researchers identified similar issues in approximately 200 other applications. We took their report seriously and acted quickly to protect our users, releasing a new version of the application on November 21, 2015 that corrected the issue.

You should update your Epocrates app on all of your devices to the latest version through the App Store or Google Play, and then change your Epocrates password. If you use the same credentials on other sites, we suggest you change your passwords on those sites as well.

As your most trusted business partner, we strive to provide the best possible security across our suite of services. We apologize for any inconvenience this has caused.

Please contact us if you need help or have any questions. Thank you.