AdaptHealth says attackers used social engineering to breach its systems and steal sensitive patient data, including passwords associated with insurance billing.
The medical equipment company disclosed the attack to the Securities and Exchange Commission (SEC) on Thursday, noting that attackers accessed internal patient management systems, document storage platforms, and external electronic health record system portals.
The attack targeted an unwitting third-party contractor, through which the cybercriminals gained entry to the company’s cloud environment, where they accessed business applications holding sensitive data.
Read more…
Source: The Register
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Massive New Jersey cybersecurity breach leads to thousands of stolen SSNs
December 7, 2024
The social security numbers, driver’s licenses, payroll, health and other personal details of Hoboken city workers were among the data stolen in a “massive” cybersecurity breach last month. According to a list of thousands of stolen files obtained by The Jersey Journal, every department in City Hall — ranging from payroll to construction, health, and animal ...
- Equifax breach: Check for exposed data, get $125
December 6, 2024
Following a data breach exposing the social security numbers of millions, the credit bureau at fault will also spend millions to pay back those affected. Equifax, one of the three major credit reporting agencies, reached a $700 million settlement with the Federal Trade Commission after they exposed the information of around 147 million people. Over 1.1 ...
- 63% of companies plan to pass data breach costs to customers
December 4, 2024
The rising practice of shaking down customers to pay for security shortfalls could have a silver lining for CISOs, as diluted price competitiveness could convince top brass of the ROI of cybersecurity investments. Consumers may be more on the hook for paying for the rising costs of data breaches than they realize, as companies increasingly turn ...
- Ireland: Woman, 20s, arrested over potential data breach at utility service provider
December 4, 2024
A woman has been arrested over a potential data breach at a national utility service provider last year. The woman, aged in her 20s, was arrested yesterday and is detained at a garda station in Dublin. The potential breach was identified by members of the Garda National Cyber Crime Bureau in 2023. It was referred to ...
- UK: Ransomware hackers target NHS hospitals with new cyberattacks
December 4, 2024
Ransomware hackers have continued an assault on National Health Service trusts across the United Kingdom by compromising multiple hospitals, exposing sensitive patient data and disrupting emergency services. Inc Ransom, a prolific Russia-linked ransomware group that claimed responsibility for an attack on NHS Scotland earlier this year, now claims to have breached the Alder Hey Children’s Hospital ...
- AI chatbot provider exposes 346,000 customer files, including ID documents, resumes, and medical records
December 3, 2024
Researchers have discovered a huge Google Cloud Storage bucket, found freely accessible on the internet and containing a treasure trove of personal information. AI startup WotNot provides companies with the ability to create their own customized chatbot. The company reportedly has 3,000 customers including some household family names. But the way its solution is set up ...

