APOLLOMD says a May 2025 cyberattack exposed the personal and health information of patients across affiliated physicians and practices, with the incident unfolding between 22 May and 23 May. The breach affected 626,000-plus individuals, with files containing names, addresses, dates of birth, diagnostic details, provider names, dates of service, treatment information and health insurance details accessed; for some, Social Security numbers were involved.
By September 2025, notification letters were being mailed to impacted individuals and free credit monitoring was offered. The U.S. Department of Health and Human Services later listed the firm on its data breaches portal, revealing that 626,540 individuals were impacted. ApolloMD has not disclosed details on the threat actor, but the Qilin ransomware group added the company to its Tor-based leak site in early June 2025.
ApolloMD is based in Atlanta, Georgia, and provides multispecialty physician and practice management services to more than 125 practices across 18 states.