Apria Healthcare Data Breach Affects 1.8 million Patients - Shub & Johns Investigates

Shub & Johns LLC is currently investigating Apria Healthcare for an apparent failure to safeguard sensitive patient health and financial information in a data breach that was detected on or around October 1, 2021!

Apria Healthcare, a Minnesota-based home medical equipment provider, discovered in October 2021 that an unauthorized party had gained access and kept access of some of their systems for over 2 years. Between April 5 and May 7, 2019 and again from August 27 to October 10, 2021, the unknown entity had access to private patient files. Apria Healthcare determined that though the bad actor’s primary intention was to obtain funds from the healthcare provider, patient and employee information was still made available. Apria has alerted the Maine Attorney General’s office that at least 1.8 million individuals have been affected by this data breach. Though the breach occurred and was discovered in 2021, Apria Healthcare only sent out notices of the data breach to affected patients on May 22, 2023.

Though Apria Healthcare has remained broad and general about the data that has been exposed, the affected patient information may have included personal, medical, health insurance, and financial information. For some individuals this can include Social Security Numbers.

The cybercriminals responsible for the breach may have already obtained and sold the compromised patient information. In previous data breaches, victims of data theft have noticed identity theft attempts ranging from fraudulent charges on bank accounts or credit cards, medical and/or government services ordered in their name, or their information being posted on the dark web.

Have you recently received a data breach notification from Apria Healthcare? If so, we would like to hear from you.  Please complete the contact form on this page or contact us at 610-477-8380 or info@shublawyers.com.