AdaptHealth says attackers sweet-talked their way into cloud systems and stole patient data


AdaptHealth says attackers used social engineering to breach its systems and steal sensitive patient data, including passwords associated with insurance billing.

The medical equipment company disclosed the attack to the Securities and Exchange Commission (SEC) on Thursday, noting that attackers accessed internal patient management systems, document storage platforms, and external electronic health record system portals.

The attack targeted an unwitting third-party contractor, through which the cybercriminals gained entry to the company’s cloud environment, where they accessed business applications holding sensitive data.

Read more…
Source:  The Register


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • A Ransomware Group Is Claiming They’ve Breached Sony’s Systems And Stolen Data

    September 27, 2023

    Although the claims of a data breach are still unverified, Sony has publicly acknowledged the situation and issued a statement to IGN which simply reads, “We are currently investigating the situation, and we have no further comment at this time.” It looks like Sony may have been victim of a breach resulting in the collection of ...

  • Data breaches putting domestic abuse victims’ lives at risk, says UK watchdog

    September 27, 2023

    Councils, police forces and hospitals are putting women’s lives at risk by accidentally disclosing domestic abuse victims’ addresses to perpetrators, the UK’s information watchdog has said. John Edwards, the information commissioner, who has reprimanded seven organisations in just over a year for data breaches affecting victims of abuse, said: “This is a pattern that must ...

  • Hackers break into Russian database with data on hundreds of millions of flights

    September 23, 2023

    Ukrainian hackers have hacked into the Russian database of the Sirena-Travel booking system, obtaining information on 664 million flights over the last 16 years. They also obtained the names, phone numbers and document numbers of the passengers. News of this was posted on the Telegram channel of the hacker community KibOrg. An unknown group called Muppets, ...

  • One of the largest T-Mobile authorized retailers had 90GB of info leaked, including customer data

    September 23, 2023

    T-Mobile is often in the news for the wrong reasons. Yesterday, a glitch in the company’s system showed personal customer information to the wrong account holders. And now, there is fear that freshly leaked data that is available online could help bad actors gain access to sensitive information. In T-Mobile’s defense, the carrier cannot be blamed ...

  • Air Canada releases statement after brief cyber attack

    September 22, 2023

    Air Canada appears to have been the victim of a cyber attack after the company released a statement regarding the incident on September 21st. According to the statement, an authorized group gained what the company describes as “limited” access to an internal Air Canada system. The system was related to the personal information of both staff ...

  • Australia: Pizza Hut says customer data breached in cyber hack

    September 20, 2023

    The personal details of pizza lovers across Australia have been compromised in a cyber attack on Pizza Hut. The popular fast-food chain, with 251 restaurants across the country, revealed it had been hacked in an email to customers on Wednesday. “In early September, we became aware of a cyber security incident where an unauthorised third party ...