AdaptHealth says attackers stole patient data

Bender1 pts0 comments

AdaptHealth: Crooks stole our passwords, patient health data

Jump to main content

Search

REG AD

Security

AdaptHealth says attackers sweet-talked their way into cloud systems and stole patient data

Third-party contractor compromise exposed health information and insurance billing passwords

Connor Jones

Connor<br>Jones

Cybersecurity reporter

Published<br>fri 3 Jul 2026 // 15:29 UTC

AdaptHealth says attackers used social engineering to breach its systems and steal sensitive patient data, including passwords associated with insurance billing.<br>The medical equipment company disclosed the attack to the Securities and Exchange Commission (SEC) on Thursday, noting that attackers accessed internal patient management systems, document storage platforms, and external electronic health record system portals.<br>The attack targeted an unwitting third-party contractor, through which the cybercriminals gained entry to the company's cloud environment, where they accessed business applications holding sensitive data.

REG AD

AdaptHealth activated its incident response protocols soon after the attacker contacted the company on June 15 and disclosed the theft.

REG AD

It did not specify whether an extortion demand was made, nor whether one was paid, and no cybercrime group had claimed responsibility at the time of writing.<br>The company's response included disabling the contractor's user account, resetting credentials, and implementing additional access controls. It believes the attack is now contained.<br>In addition to the "password file associated with insurance billing," AdaptHealth confirmed that personally identifiable information (PII) and protected health information of certain patients were also stolen.<br>Social Security numbers and payment details are not thought to be affected.<br>On June 27, AdaptHealth determined that "due to the nature and potential volume of the data that is at risk," the attack can be considered material, requiring disclosure to the SEC.

MORE CONTEXT

One in seven Brits swapped their GP for ChatGPT, study finds

NHS disability equipment provider on brink of collapse a year after cyberattack

Smooth AI criminal drives 'first' end-to-end agentic ransomware attack

Every employee’s password was stored in a single Excel file

The company did not comment on the exact scale of the attack or the related data theft, but said investigations continue to determine the scope of the breach.<br>It also said it "has since taken steps intended to mitigate the risk of dissemination of the exfiltrated data."<br>The Register asked AdaptHealth for more information, including whether it received any extortion demands and what steps it took to reduce the risk of the stolen data being distributed or misused.

REG AD

Pennsylvania-based AdaptHealth provides home medical equipment and related services for patients with chronic and serious conditions.<br>Founded in 2012, it specializes in respiratory, sleep, and diabetes therapies. According to a 2024 annual report, it serves more than 4.2 million patients across all 50 US states. ®

security

REG AD

Security

AdaptHealth says attackers sweet-talked their way into cloud systems and stole patient data

Third-party contractor compromise exposed health information and insurance billing passwords

systems

Startup targets datacenters with 3D-printed nuclear reactor module

Fancy a thorium microreactor capable of delivering up to 30 MWe of juice for up to 30 years?

In a volatile world, a consistent sustainability policy is critical

SPONSORED FEATURE: ZTE unveils 2025 milestones

Security

NetNut cracked as Google and FBI target 2 million-device botnet

Other residential proxy brands may rely on the same network

Offbeat

Boffins peg narcissistic leadership as the real driver behind 'return to office' demands

It's not about productivity; it's about bosses missing their daily ego fix

AI AND ML

AI bills are baffling the C-suite after shift to usage-based pricing

KPMG finds nearly a third of execs struggle to understand costs as companies rethink deployments

MOST POPULAR

os platforms

Former Microsoft engineer shrinks Notepad down to size

Security

Hackers shoveled snow for company, were rewarded with network admin access

systems

Micron locks in historically high memory prices for five years

AI AND ML

New humanoid robots from China look like creepy pop star action figures – complete with slightly dodgy lip-synch

AI and ML

How the AI bubble could pop and take down the global economy, according to the BIS

AI

AI and ML

Nvidia floats double-dipping datacenter financing scheme

What's better than getting paid once? Getting paid twice of course

AI and ML

Companies that add more AI also add more people

But doing so doesn't necessarily meet business needs

ai and ml

SoftBank enters the rent-a-GPU race as America looks for support for AI training

Japanese giant needs to find some use for that 10 GW US server farm it is building

ai and ml

UN warns of need for global...

adapthealth data patient security systems company

Related Articles