Georgia healthcare company data breach impacts more than 620,000

A cyberattack last year on a prominent Georgia-based healthcare company leaked the sensitive information of 626,540 people, according to a new filing with the U.S. Department of Health and Human Services.

ApolloMD notified customers of a data breach in September but provided federal regulators with the full number of victims on Tuesday. The company is a medical group that provides multispecialty physician services to more than 100 hospitals. It has more than 125 practices across 18 states and treats about 4 million patients each year.

The company told victims in September about the breach, and said an investigation revealed hackers were in ApolloMD’s IT environment between May 22 and May 23.

While inside, the hackers accessed information for people treated by ApolloMD’s affiliated physicians and practices — including names, dates of birth, addresses, diagnoses, dates of service, treatments, health insurance data and Social Security numbers. 

The attack was claimed by the Qilin ransomware gang in June 2025. The group has targeted the healthcare industry repeatedly since emerging several years ago, causing outages at hospitals across several states last year and in the U.K. in 2024.

Cisco Talos published a study finding that the gang posted the information of about 40 victims per month last year.


Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 
