/

Apria Data Breach: What & How It Happened?

Apria Data Breach: What & How It Happened?

Twingate Team

Jun 14, 2024

Apria Healthcare, a provider of home healthcare equipment and services, faced a data breach that took place between April 2019 and October 2021. The breach was discovered in October 2021, and the company recently notified the affected individuals. The main goal of the unauthorized access was to fraudulently obtain funds from Apria, rather than stealing personal information. Although no evidence of funds being removed was found, a small number of emails and files were confirmed to have been accessed.

How many accounts were compromised?

The breach impacted data related to 1.87 million individuals.

What data was leaked?

The data exposed in the breach included personal, financial, and health data, such as medical, health insurance, and financial information, as well as some Social Security numbers and financial account numbers or credit/debit card numbers in combination with security codes, access codes, passwords, or PINs for the accounts.

How was Apria hacked?

Attackers targeted Apria Healthcare with the intent to fraudulently obtain funds, rather than steal personal information. The breach occurred in two separate time periods, and although a small number of emails and files were accessed, no data was taken from any system. The specific methods used by the hackers remain unclear.

Apria's solution

In response to the hacking incident, Apria Healthcare took several measures to enhance security and prevent future breaches. These actions included conducting a thorough review of the affected systems and implementing additional security measures as advised by forensic investigators. Although specific details about the security enhancements remain unclear, Apria worked closely with the FBI and forensic experts to ensure the protection of their systems and data.

How do I know if I was affected?

Apria Healthcare has notified individuals believed to be affected by the breach. If you're an Apria customer and haven't received a notification, you may visit Have I Been Pwned to check your credentials.

What should affected users do?

In general, affected users should:

  • Change Your Passwords: Immediately update your passwords for any accounts that may have been affected. Make sure the new passwords are strong and unique, not previously used on any other platform.

  • Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  • Enable Two-Factor Authentication (2FA): Activate 2FA on any affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

  • Monitor Your Accounts: Keep an eye on your financial and health-related accounts for any suspicious activity. Report any unusual transactions or changes to the appropriate institutions immediately.

For more specific help and instructions related to Apria's data breach, please contact Apria's support directly.

Where can I go to learn more?

If you want to find more information on the Apria data breach, check out the following news articles:

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

/

Apria Data Breach: What & How It Happened?

Apria Data Breach: What & How It Happened?

Twingate Team

Jun 14, 2024

Apria Healthcare, a provider of home healthcare equipment and services, faced a data breach that took place between April 2019 and October 2021. The breach was discovered in October 2021, and the company recently notified the affected individuals. The main goal of the unauthorized access was to fraudulently obtain funds from Apria, rather than stealing personal information. Although no evidence of funds being removed was found, a small number of emails and files were confirmed to have been accessed.

How many accounts were compromised?

The breach impacted data related to 1.87 million individuals.

What data was leaked?

The data exposed in the breach included personal, financial, and health data, such as medical, health insurance, and financial information, as well as some Social Security numbers and financial account numbers or credit/debit card numbers in combination with security codes, access codes, passwords, or PINs for the accounts.

How was Apria hacked?

Attackers targeted Apria Healthcare with the intent to fraudulently obtain funds, rather than steal personal information. The breach occurred in two separate time periods, and although a small number of emails and files were accessed, no data was taken from any system. The specific methods used by the hackers remain unclear.

Apria's solution

In response to the hacking incident, Apria Healthcare took several measures to enhance security and prevent future breaches. These actions included conducting a thorough review of the affected systems and implementing additional security measures as advised by forensic investigators. Although specific details about the security enhancements remain unclear, Apria worked closely with the FBI and forensic experts to ensure the protection of their systems and data.

How do I know if I was affected?

Apria Healthcare has notified individuals believed to be affected by the breach. If you're an Apria customer and haven't received a notification, you may visit Have I Been Pwned to check your credentials.

What should affected users do?

In general, affected users should:

  • Change Your Passwords: Immediately update your passwords for any accounts that may have been affected. Make sure the new passwords are strong and unique, not previously used on any other platform.

  • Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  • Enable Two-Factor Authentication (2FA): Activate 2FA on any affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

  • Monitor Your Accounts: Keep an eye on your financial and health-related accounts for any suspicious activity. Report any unusual transactions or changes to the appropriate institutions immediately.

For more specific help and instructions related to Apria's data breach, please contact Apria's support directly.

Where can I go to learn more?

If you want to find more information on the Apria data breach, check out the following news articles:

Rapidly implement a modern Zero Trust network that is more secure and maintainable than VPNs.

Apria Data Breach: What & How It Happened?

Twingate Team

Jun 14, 2024

Apria Healthcare, a provider of home healthcare equipment and services, faced a data breach that took place between April 2019 and October 2021. The breach was discovered in October 2021, and the company recently notified the affected individuals. The main goal of the unauthorized access was to fraudulently obtain funds from Apria, rather than stealing personal information. Although no evidence of funds being removed was found, a small number of emails and files were confirmed to have been accessed.

How many accounts were compromised?

The breach impacted data related to 1.87 million individuals.

What data was leaked?

The data exposed in the breach included personal, financial, and health data, such as medical, health insurance, and financial information, as well as some Social Security numbers and financial account numbers or credit/debit card numbers in combination with security codes, access codes, passwords, or PINs for the accounts.

How was Apria hacked?

Attackers targeted Apria Healthcare with the intent to fraudulently obtain funds, rather than steal personal information. The breach occurred in two separate time periods, and although a small number of emails and files were accessed, no data was taken from any system. The specific methods used by the hackers remain unclear.

Apria's solution

In response to the hacking incident, Apria Healthcare took several measures to enhance security and prevent future breaches. These actions included conducting a thorough review of the affected systems and implementing additional security measures as advised by forensic investigators. Although specific details about the security enhancements remain unclear, Apria worked closely with the FBI and forensic experts to ensure the protection of their systems and data.

How do I know if I was affected?

Apria Healthcare has notified individuals believed to be affected by the breach. If you're an Apria customer and haven't received a notification, you may visit Have I Been Pwned to check your credentials.

What should affected users do?

In general, affected users should:

  • Change Your Passwords: Immediately update your passwords for any accounts that may have been affected. Make sure the new passwords are strong and unique, not previously used on any other platform.

  • Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  • Enable Two-Factor Authentication (2FA): Activate 2FA on any affected accounts. Consider enabling this additional security feature on all other important online accounts to significantly reduce the risk of unauthorized access.

  • Monitor Your Accounts: Keep an eye on your financial and health-related accounts for any suspicious activity. Report any unusual transactions or changes to the appropriate institutions immediately.

For more specific help and instructions related to Apria's data breach, please contact Apria's support directly.

Where can I go to learn more?

If you want to find more information on the Apria data breach, check out the following news articles: