Apria Healthcare is a large-scale healthcare equipment provider for home healthcare needs. The company works with over 2 million patients annually in more than 280 different US-based locations. The organization maintains significant health and personal data for patients and employees, making it especially vulnerable to cyber-attacks.
The Apria Healthcare breach occurred when one or more users identified a file systems vulnerability and broke into the organization's file network. Once inside the network, the intruder was able to gather substantial financial, health, and personal data.
The breach first occurred on September 2021, but the company didn't alert anyone about the issue until May 2023. Over that significant time period, investigations took place, and the company coordinated with the FBI to try and resolve the issue. The organization sent out individual notices to the affected individuals in May of 2023.
This Apria breach impacts over 1.9 million patients and employees of the company. Anyone that's identified as being put at risk by this breach will receive a notice from the company. If you get a notice, you can take advantage of Kroll Credit and Identity Monitoring services to safeguard yourself.
There isn't an Apria Healthcare file count available. We only know that a large number of people were impacted by the breach, but the damage could have been caused by just a few files or by tens of thousands of them.