AdaptHealth says attackers sweet-talked their way into cloud systems and stole patient data


AdaptHealth says attackers used social engineering to breach its systems and steal sensitive patient data, including passwords associated with insurance billing.

The medical equipment company disclosed the attack to the Securities and Exchange Commission (SEC) on Thursday, noting that attackers accessed internal patient management systems, document storage platforms, and external electronic health record system portals.

The attack targeted an unwitting third-party contractor, through which the cybercriminals gained entry to the company’s cloud environment, where they accessed business applications holding sensitive data.

Read more…
Source:  The Register


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • France: Free ISP announces data breach, millions of users possibly affected

    October 29, 2024

    One of the biggest internet service providers (ISP) in France has confirmed suffering a cyberattack that saw it lose sensitive customer data. A threat actor alias “drusselx” opened a new thread on the infamous Breach forums, advertising a major database for sale, claiming it contains data on 19.2 million Free customers, and holds more than 5.11 ...

  • MoneyGram replaces CEO weeks after massive customer data breach

    October 29, 2024

    Money transfer giant MoneyGram has replaced its chief executive less than a month after confirming that hackers stole reams of customers’ personal information and transaction records in a data breach. In a statement Monday, MoneyGram said it appointed Anthony Soohoo as the company’s chief executive with immediate effect. Soohoo replaces Alex Holmes, who joined MoneyGram in ...

  • Hackers breach sensitive government and police data in Italy

    October 28, 2024

    Prosecutors in Milan have uncovered a network of hackers and former law enforcement officials accused of using malware and insider contacts to break into several government databases, including the Interior Ministry. The group allegedly accessed over 800,000 confidential records, even targeting accounts linked to the president’s office. Prosecutors said on Saturday that the operation was allegedly ...

  • 100 million people hit in largest healthcare data breach in history – medical info, SSNs and more

    October 26, 2024

    More than 100 million people had their personal information and healthcare data stolen in the massive UnitedHealth ransomware attack earlier this year, making it the largest healthcare data breach in the country. After completing its investigation into February’s data breach, the US Department of Health and Human Services said this week that roughly a third of ...

  • Data storage in spotlight of Italian security committee after Intesa breach

    October 22, 2024

    Italy’s influential parliamentary committee on security will hold a round of hearings on data storage following a major breach at the country’s biggest bank Intesa Sanpaolo, people familiar with the matter told Reuters on Tuesday. Intesa Sanpaolo is under investigation by prosecutors in the southern Italian city of Bari after it emerged that the accounts of ...

  • Hong Kong: ‘Lack of care led to sports association data breach’

    October 22, 2024

    The Office of the Privacy Commissioner for Personal Data (PCPD) on Tuesday accused the South China Athletic Association (SCAA) of having inadequate policies and a lack of care, after a data breach affecting more than 72,300 members. An attack by a hacker in March resulted in a breach of members’ personal information, including ID card numbers, ...