ApolloMD Business Services, a provider of administrative and IT services to physician practices, suffered a cybersecurity breach between **May 22–23, 2025**, when an unauthorized cybercriminal accessed its IT environment. The incident exposed **personally identifiable information (PII) and protected health information (PHI)** of patients, including **names, dates of birth, Social Security numbers, addresses, medical diagnoses, treatment details, provider names, service dates, and health insurance data**. The breach had a **broad impact**, affecting multiple affiliated physician groups, including **Olive Branch Emergency Physicians LLC**. Detection occurred on **May 22, 2025**, but notifications to impacted parties were delayed, with physician practices informed between **July 21 and September 11, 2025**, and patients notified via mail on **September 17, 2025**. ApolloMD responded by engaging law enforcement, enhancing security measures, and offering **free credit monitoring** to victims whose SSNs were compromised. The incident posed significant risks of **identity theft, financial fraud, and phishing attacks** leveraging the exposed data.
Source: https://www.claimdepot.com/data-breach/olive-branch-emergency-physicians-2025
TPRM report: https://www.rankiteo.com/company/apollomd
"id": "apo5862258092725",
"linkid": "apollomd",
"type": "Cyber Attack",
"date": "5/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'industry': 'Healthcare',
'location': 'Olive Branch, Mississippi, USA',
'name': 'Olive Branch Emergency Physicians LLC',
'type': 'Emergency Medicine Group'},
{'industry': 'Healthcare',
'name': 'ApolloMD Business Services',
'type': 'Administrative and IT Services Provider'},
{'industry': 'Healthcare',
'name': 'Multiple affiliated physician practices '
'(unspecified)',
'type': 'Healthcare Providers'}],
'customer_advisories': ['Patients advised to enroll in credit monitoring',
'Patients advised to monitor financial accounts and '
'credit reports',
'Patients warned about potential phishing attempts'],
'data_breach': {'data_exfiltration': True,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High (includes PII and PHI)',
'type_of_data_compromised': ['Names',
'Dates of birth',
'Social Security numbers',
'Addresses',
'Diagnoses information',
'Provider names',
'Dates of service',
'Treatment information',
'Health insurance information']},
'date_detected': '2025-05-22',
'date_publicly_disclosed': '2025-09-17',
'description': 'Olive Branch Emergency Physicians LLC, an emergency medicine '
'group based in Olive Branch, Mississippi, experienced a '
'cybersecurity incident originating from ApolloMD Business '
'Services, a provider of administrative and IT services to '
'affiliated physician practices. Between May 22 and May 23, '
'2025, a cybercriminal gained unauthorized access to '
'ApolloMD’s IT environment, exposing personally identifiable '
'information (PII) and protected health information (PHI) of '
'patients. The breach impacted multiple affiliated physician '
'groups, including Olive Branch Emergency Physicians. ApolloMD '
'detected the breach on May 22, 2025, and notified affected '
'parties between July 21, 2025, and September 17, 2025. The '
'company implemented enhanced security measures and offered '
'free credit monitoring to impacted individuals.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'exposure of sensitive patient data',
'data_compromised': ['Personally Identifiable Information (PII)',
'Protected Health Information (PHI)'],
'identity_theft_risk': 'High (due to exposure of SSNs and other '
'sensitive data)',
'systems_affected': ['ApolloMD IT environment']},
'initial_access_broker': {'high_value_targets': ['Patient PII and PHI']},
'investigation_status': 'Ongoing (as of description date)',
'post_incident_analysis': {'corrective_actions': ['Enhanced security '
'protocols']},
'ransomware': {'data_exfiltration': True},
'recommendations': ['Sign up for free credit monitoring services if offered',
'Monitor credit reports and financial accounts for '
'unusual activity',
'Be alert for phishing emails or calls using exposed '
'information',
'Consider placing a fraud alert or credit freeze with '
'major credit bureaus'],
'references': [{'source': 'ApolloMD Notice of Data Security Incident'}],
'response': {'communication_strategy': ['Notice of Data Security Incident '
'published on ApolloMD’s website',
'Notifications sent to affiliated '
'physician practices (July 21, 2025 – '
'Sept. 11, 2025)',
'Patient notifications via mail '
'(Sept. 17, 2025)',
'Established incident response line '
'(833-397-6797)'],
'enhanced_monitoring': True,
'incident_response_plan_activated': True,
'law_enforcement_notified': True,
'remediation_measures': ['Enhanced security protocols']},
'stakeholder_advisories': ['ApolloMD incident response line: 833-397-6797 '
'(Mon–Fri, 8 a.m.–8 p.m. ET)'],
'threat_actor': 'Cybercriminal (unknown specific group)',
'title': 'Data Breach at ApolloMD Affecting Olive Branch Emergency Physicians '
'LLC and Other Affiliated Practices',
'type': ['Data Breach', 'Unauthorized Access']}