AdaptHealth says attackers sweet-talked their way into cloud systems and stole patient data


AdaptHealth says attackers used social engineering to breach its systems and steal sensitive patient data, including passwords associated with insurance billing.

The medical equipment company disclosed the attack to the Securities and Exchange Commission (SEC) on Thursday, noting that attackers accessed internal patient management systems, document storage platforms, and external electronic health record system portals.

The attack targeted an unwitting third-party contractor, through which the cybercriminals gained entry to the company’s cloud environment, where they accessed business applications holding sensitive data.

Read more…
Source:  The Register


Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox


Related:

  • Data breach hits Navy contractor Fincantieri Marine Group

    January 15, 2024

    Italian shipbuilding firm Fincantieri’s U.S. arm Fincantieri Marine Group, which is a contractor for the U.S. Navy, disclosed that it had 16,769 individuals’ data compromised following an April ransomware attack that resulted in significant production disruptions. In breach notification letters sent to impacted individuals earlier this month, FMG said that some of its systems had been ...

  • Hyundai Motor India fixes bug that exposed customers’ personal data

    January 12, 2024

    Hyundai’s India subsidiary has fixed a bug that exposed its customers’ personal information in the South Asian market. TechCrunch reviewed a portion of the exposed data that included the registered owner name, mailing address, email address and phone number of Hyundai Motor India customers who have serviced their vehicles at any of the company’s authorized service ...

  • Dallas says cyberattack targeted more people than previously disclosed

    January 11, 2024

    Hackers who targeted the city of Dallas had access to the addresses, Social Security numbers and other personal information of nearly 300 more people than what had been previously disclosed to the public, city officials now say. The city’s spokesperson confirmed on Wednesday that further internal investigations into the cyberattack determined an additional 293 people, including ...

  • Texas-based care provider HMG Healthcare says hackers stole unencrypted patient data

    January 10, 2024

    Texas-based care provider HMG Healthcare has confirmed that hackers accessed the personal data of residents and employees, but says it has been unable to determine what types of data were stolen. HMG Healthcare is headquartered in The Woodlands, Texas, and provides a range of services, including memory care, rehabilitation, and assisted living. HMG’s website says it ...

  • Australia: The Iconic denies responsibility for data breach

    January 10, 2024

    The Iconic has denied responsibility for a series of data breaches that saw Aussies’ bank balances drained of thousands of dollars after their accounts with the retailer were compromised. Earlier this week, news.com.au revealed customers at Australia’s largest online retailer had reported a large number of hacking attempts and security breaches, with bad actors successfully compromising ...

  • Fidelity National Financial says hackers stole data on 1.3 million customers

    January 9, 2024

    Real estate services giant Fidelity National Financial (FNF) has confirmed hackers stole data on 1.3 million of its customers during a November cyberattack that knocked the company offline for a week. FNF said in a filing Tuesday with federal regulators: “We determined that an unauthorized third-party accessed certain FNF systems, deployed a type of malware that ...