ApolloMD Data Breach Exposes 626,000 Individuals

Post Views: 19

Data Breach at ApolloMD Exposes Sensitive Information of Over 626,000 Individuals

A data breach at ApolloMD, a healthcare services provider, has exposed sensitive information of over 626,000 individuals.

Breach Details

The incident occurred in May 2025, when unauthorized parties accessed files containing personally identifiable information (PII) and protected health information (PHI) of affiliated physicians and practices.

The breach, which took place between May 22 and May 23, involved the theft of names, addresses, dates of birth, diagnostic details, provider names, dates of service, treatment information, and health insurance information. In some cases, Social Security numbers may also have been compromised.

Response and Notification

ApolloMD discovered the breach and notified affected physicians and practices by September 2025. The company also began mailing notification letters to impacted individuals, offering them free credit monitoring services.

The US Department of Health and Human Services has since listed the incident on its data breaches portal, confirming that 626,540 individuals were affected.

Threat Actor and Impact

Although ApolloMD has not disclosed details on the threat actor responsible for the attack, the Qilin ransomware group claimed responsibility by adding the company to its Tor-based leak site in early June 2025. Qilin is known for its ransomware attacks, which often involve the theft of sensitive data.

As a provider of integrated physician and practice management services, ApolloMD works with over 125 practices across 18 states, supporting more than 2,500 physicians and advanced practice clinicians. The company is based in Atlanta, Georgia.

Importance of Cybersecurity

The breach serves as a reminder of the importance of robust cybersecurity measures in the healthcare sector, where sensitive patient data is often at risk. Organizations must prioritize the protection of PII and PHI to prevent such incidents and maintain the trust of their patients and partners.

Aftermath and Future Measures

In the aftermath of the breach, ApolloMD has taken steps to notify affected individuals and provide them with support. However, the incident highlights the need for ongoing vigilance and investment in cybersecurity to prevent similar breaches in the future.