ApolloMD Data Breach Impacts More Than 620,000

Related

KDDI Confirms Zero-Day Exploit Behind Breach Affecting 12 Million People

What happened KDDI has updated its earlier breach disclosure, confirming...

Aflac Japan Data Breach Impacts 4.38 Million Customers and Agents

What happened Aflac Life Insurance Japan disclosed a data breach...

Nissan Discloses Employee Data Breach Linked to Oracle Zero-Day Attacks

What happened Nissan disclosed a data breach affecting current and...

KDDI Breach Exposes Up to 14.2 Million Email Logins at Six ISPs

What happened Japanese telecommunications operator KDDI disclosed a data breach...

Xsolis Data Breach Affects 1.4 Million Individuals

What happened Healthcare technology company Xsolis disclosed a data breach...

Share

What happened

A cyberattack on the Georgia-based healthcare provider ApolloMD last year resulted in the leak of sensitive information for an estimated 626,540 individuals. According to a filing with the U.S. Department of Health and Human Services, attackers were present in ApolloMD’s IT environment between May 22 and May 23, accessing data for people treated by affiliated physicians and practices. The compromised information included names, dates of birth, addresses, diagnoses, dates of service, treatments, health insurance details, and Social Security numbers. ApolloMD, which provides multispecialty physician services to more than 100 hospitals across 18 states, initially notified customers of the breach in September before disclosing the full number of affected individuals to federal regulators. The ransomware group Qilin claimed responsibility for the attack in June 2025 and has previously targeted healthcare organizations, publishing victim data regularly over the past year.

Who is affected

Patients whose personal and health information was stored by ApolloMD are affected, with an estimated 626,540 individuals’ data — including health insurance and Social Security numbers — accessed during the breach.

Why CISOs should care

The exposure of extensive patient health and identity data through a healthcare provider breach highlights the continuing risk to sensitive personal information when medical IT environments are infiltrated and ransomware actors like Qilin are involved.

3 practical actions

  • Review security posture of healthcare systems. Assess access controls and monitoring for sensitive medical databases.
  • Enhance data loss detection. Deploy tools to spot unusual exfiltration of protected health information.
  • Strengthen incident response plans. Update response playbooks to account for complex healthcare breaches and ransomware actor involvement.
IMG 0514 2
+ posts

John Kevin Hao is a news and feature writer covering cybersecurity, technology, and business targeted for professional audiences.