Theregister
AdaptHealth Cybersecurity Incident Exposes Patient Data and Billing Passwords
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
AdaptHealth Corp. reported a material cybersecurity incident involving unauthorized access to its cloud-based systems, specifically targeting internal patient management and document storage platforms. The breach occurred through a social engineering attack on a third-party contractor, leading to the exfiltration of a password file linked to insurance billing and some patients' personally identifiable information (PII). No Social Security numbers or financial account data were compromised. The company activated its incident response protocols, disabling the compromised account, resetting credentials, and enhancing access controls. As of now, operations and patient services remain unaffected, but the full scope and financial impact of the breach are still under investigation. AdaptHealth has engaged external cybersecurity experts and notified law enforcement regarding the incident.
Key Points: • AdaptHealth experienced a significant data breach due to a social engineering attack on a third-party contractor. • Sensitive patient data, including billing passwords and PII, was exfiltrated, but no financial data was compromised. • The company has activated incident response measures and is investigating the full scope of the breach.