AdaptHealth says attackers used social engineering to breach its systems and steal sensitive patient data, including passwords associated with insurance billing.
The medical equipment company disclosed the attack to the Securities and Exchange Commission (SEC) on Thursday, noting that attackers accessed internal patient management systems, document storage platforms, and external electronic health record system portals.
The attack targeted an unwitting third-party contractor, through which the cybercriminals gained entry to the company’s cloud environment, where they accessed business applications holding sensitive data.
Read more…
Source: The Register
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Australia’s Qantas probing reports of data breach at loyalty app
May 1, 2024
Australia’s Qantas Airways said on Wednesday it was investigating issues impacting its frequent flyer application, after media reports suggested there was a data breach allowing users access to other passengers’ travel information. Multiple local media outlets, citing Qantas customers, are reporting that some users can see strangers’ full travel information, with at least one user being ...
- Hull City Council suffers nine cyber attacks in three years
April 30, 2024
Hull City Council has paid £30,000 in data breach claims and suffered nine cyber attacks in the past three years, a report has found. The local authority confirmed it’s had nine cyber security incidents since 2021, five of which were phishing attacks (scams where attackers deceive people into revealing sensitive information). An investigation by DataBreachClaims.org.uk revealed ...
- Ring agrees to pay $5.6 million after cameras were used to spy on customers
April 25, 2024
Amazon’s Ring has settled with the Federal Trade Commission (FTC) over charges that the company allowed employees and contractors to access customers’ private videos, and failed to implement security protections which enabled hackers to take control of customers’ accounts, cameras, and videos. The FTC is now sending refunds totaling more than $5.6 million to US consumers ...
- UK: Personal details of 200,000 people at risk after neighbourhood watch system data breach
April 24, 2024
The names, email addresses and telephone numbers of up to 200,000 people could have been obtained by hackers following a major data breach at a police-backed alert system. Bosses at the company which manages the ‘In The Know’ alert system, which is used by Lancashire Police and Lancashire Fire and Rescue Service, have apologised. Read more… Source: MSN ...
- United Nations investigating potential ransomware attack after data ripped from IT systems
April 23, 2024
Hackers managed to break into the United Nations Development Programme (UNDP) IT systems in Copenhagen, stealing a wide range of sensitive data. Ransomware gang 8Base has claimed responsibility, posting on its own website that the group had managed to get its hands on employment contracts, personal data, invoices and much more Read more… Source: MSN News Sign up for ...
- Grindr facing UK lawsuit over alleged data protection breaches
April 22, 2024
Gay dating app Grindr is facing a mass data protection lawsuit in London from hundreds of users who allegedly had their private information, including HIV status, shared with third parties without consent, a law firm said on Monday. Austen Hayes, which said the lawsuit is being filed at London’s High Court, said thousands of Grindr users ...

