AdaptHealth says attackers sweet-talked their way into cloud systems and stole patient data


AdaptHealth says attackers used social engineering to breach its systems and steal sensitive patient data, including passwords associated with insurance billing.

The medical equipment company disclosed the attack to the Securities and Exchange Commission (SEC) on Thursday, noting that attackers accessed internal patient management systems, document storage platforms, and external electronic health record system portals.

The attack targeted an unwitting third-party contractor, through which the cybercriminals gained entry to the company’s cloud environment, where they accessed business applications holding sensitive data.

Read more…
Source:  The Register


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Cartier confirms data breach, warns customers of potential targeted attacks

    June 2, 2025

    Cartier, the famous jewellery and watchmaker, is owned by Richemont, a Swiss-based luxury conglomerate has notified customers of a data breach that exposed limited personal information following a security lapse in its systems. The brand said the breach was swiftly contained and emphasised that no financial or sensitive login data was compromised. In a letter sent ...

  • Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump

    May 31, 2025

    A mystery whistleblower calling himself GangExposed has exposed key figures behind the Conti and Trickbot ransomware crews, publishing a trove of internal files and naming names. The leaks include thousands of chat logs, personal videos, and ransom negotiations tied to some of the most notorious cyber-extortion gangs —believed to have raked in billions from companies, hospitals, ...

  • Melbourne-based financial services and advice firm hit with cyber attack

    May 30, 2025

    Financial services aggregate 3P Corporation has denied its data was breached in an April attack; however, hackers have published more than 200 gigabytes of internal documents and customer data online. The Space Bears ransomware gang listed Victorian financial services firm 3P Corporation as a victim on its darknet leak site in early April, and has since ...

  • FBI probes effort to impersonate White House chief of staff Susie Wiles

    May 29, 2025

    One or more unknown people accessed White House chief of staff Susie Wiles’ personal cellphone and used her contacts file to reach out to other top officials and impersonate her, sources told CBS News Thursday. Some of the recipients realized the messages were suspicious because the texts and calls came from an unknown number, sources said, ...

  • UK: NHS patient data at risk in major cyber attack

    May 28, 2025

    A newly uncovered cyber attack has exposed sensitive information at two major NHS trusts, raising fears that patient records could be at risk. University College London hospitals, NHS Foundation Trust, and University Hospital Southampton, NHS Foundation Trust were among the victims identified in a widespread cyber breach.  analysed by cybersecurity firm EclecticIQ. The company have said ...

  • Retail Under Siege: What Recent Cyber Attacks Tell Us About Today’s Threat Landscape

    May 27, 2025

    When several major UK organizations, including well-known retail brands, found themselves caught in a cyber attack earlier this year, it made headlines. But this incident wasn’t the first, and it won’t be the last. It reflects a growing trend where attackers exploit third-party vendors to breach multiple businesses through a single point of entry. In one ...