AdaptHealth says attackers used social engineering to breach its systems and steal sensitive patient data, including passwords associated with insurance billing.
The medical equipment company disclosed the attack to the Securities and Exchange Commission (SEC) on Thursday, noting that attackers accessed internal patient management systems, document storage platforms, and external electronic health record system portals.
The attack targeted an unwitting third-party contractor, through which the cybercriminals gained entry to the company’s cloud environment, where they accessed business applications holding sensitive data.
Read more…
Source: The Register
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- National Public Data Files for Bankruptcy Following Massive Data Breach
October 11, 2024
Jerico Pictures, the parent company of National Public Data (NPD) and the center of a massive data breach that exposed the personal data of an estimated 2.7 billion people, has filed for Chapter 11 Bankruptcy. National Public Data is a background check company that allows its customers to search billions of records with instant results. The ...
- Internet Archive data breach exposes more than 31 million user accounts
October 11, 2024
The Internet Archive, a popular digital library known for its Wayback Machine, was hacked and suffered a data breach that reportedly exposed 31 million user accounts. Founder Brewster Kahle confirmed in a post on the social media platform X that a cyberattack on Tuesday knocked the website offline. He also said that usernames, emails, and encrypted ...
- API Security Exposed: The Role of API Vulnerabilities in Real-World Data Breaches
October 10, 2024
This Trend Micro research discusses real-world API vulnerabilities and shows the risks companies face every day. We start our journey with two popular API gateways: APISIX and Kong. The researchers found over 600 APISIX instances and hundreds of thousands of Kong gateways accessible online. Each one is a door waiting for attackers to knock. However, the ...
- European government systems hit by air-gap malware attack
October 9, 2024
In the last five years, hackers managed to steal sensitive information from air-gapped systems belonging to different European governments on at least three separate occasions. An air-gapped system is a computer or network that is physically isolated from unsecured networks, such as the internet, to prevent unauthorized access and enhance security. Still, crooks managed to steal ...
- MoneyGram data breach included Social Security numbers, government documents, bank and other sensitive data
October 9, 2024
MoneyGram is back online after a cybersecurity breach disrupted services and compromised personal information. Between September 20 and 22, an “unauthorized third party” accessed and acquired the personal data of certain MoneyGram customers, the company said, leaving users unable to access their accounts. The money-sending service provided an update this past Monday, confirming that systems are ...
- Casio Faces Cyberattack: Service Disruptions and Delayed G-Shock Releases
October 9, 2024
Casio, a well-known Japanese electronics company, experienced a significant cyberattack on October 5th. The company reported that an unidentified third party illegally accessed its network, causing system failures and service disruptions. In a statement on October 8th, Casio expressed regret for the inconvenience this has caused to its customers and stakeholders. The company is actively investigating ...

