ApolloMD Data Breach Investigation
ApolloMD has allegedly fallen victim to a ransomware attack conducted by the Qilin group, a cybercriminal organization that has emerged as a prominant threat actor. Qilin leads 2025’s ransomware surge in healthcare, with 24 attacks in under five months, establishing itself as one of the most aggressive ransomware operators targeting medical facilities.
This particular breach involved 238GB of leaked data, a substantial volume of sensitive information potentially compromised. This potentially massive data exposure raises serious concerns about patient privacy and regulatory compliance violations. Contact our data breach lawyers to learn more about how to file a class action claim following any data theft incident.
ApolloMD is issuing notification letters on behalf of the following covered entities:
- Passaic Hospitalist Services, LLC
- Passaic River Physicians, LLC
- Pensacola Hospitalist Physicians, LLC
- Broad River Physicians Group, LLC
- Olive Branch Emergency Physicians, LLC
- Aurora Emergency Physicians, LLC
- The Bortolazzo Group, LLC
- Methodist University Emergency Physicians, PLLC
- Trinity Emergency Physicians, LLC
- Lorain Emergency Physicians, LLC
- Pennsylvania Hospitalist Group, LLC
Scope of Impact & Affected ApolloMD Entities
The information leaked varies by patient and includes names in combination with one or more
of the following: dates of birth, addresses, diagnosis information, provider names, dates of service, treatment information, and/or health insurance information. For some individuals, the incident may have also involved their Social Security numbers.
ApolloMD operates as a comprehensive healthcare services provider with extensive reach across the United States. The company functions as a national medical group collaborating with over 100 healthcare facilities nationwide. Their services encompass emergency medicine, hospitalist programs, and specialized medical staffing solutions.
The organization provides critical radiology services, as well as revenue cycle management and clinical support to hospitals nationwide. This broad operational scope means the breach potentially affects numerous hospitals, medical centers, and healthcare systems that rely on ApolloMD’s services.
Given ApolloMD’s role as a third-party healthcare service provider, the breach likely impacted multiple categories of entities including partner hospitals, affiliated medical centers, contracted healthcare facilities, patients receiving services at ApolloMD-supported locations, healthcare professionals employed or contracted through ApolloMD, and administrative staff across the network. The following facilities may have been impacted:
Passaic Hospitalist Services LLC, Pensacola Hospitalist Physicians LLC, Broad River Physicians Group LLC, Olive Branch Emergency Physicians LLC, Aurora Emergency Physicians LLC, Passaic River Physicians LLC, The Bortolazzo Group LLC, Methodist University Emergency Physicians PLLC, Trinity Emergency Physicians LLC, Lorain Emergency Physicians LLC and Pennsylvania Hospitalist Group LLC
Why Hire The Lyon Firm
Healthcare data breaches demand immediate legal expertise to navigate complex regulatory requirements and protect patient rights. The Lyon Firm has years of experience in the area of healthcare cybersecurity law, offering comprehensive breach response services including HIPAA compliance guidance, regulatory notification support, and patient advocacy.
Our experienced team understands the unique challenges facing healthcare organizations and works diligently to minimize legal exposure while ensuring proper patient protection protocols are followed throughout the recovery process.