Aurora Emergency Physicians, LLC, a small Illinois-based emergency medicine provider, was impacted by a significant data breach. The cyberattack was first detected on May 22, 2025, when ApolloMD Business Services, an affiliated business associate providing administrative services, discovered suspicious activity within its IT environment.
An investigation determined that an unauthorized actor accessed files containing sensitive patient information maintained by ApolloMD between May 22 and May 23, 2025. The cyberattack affected Aurora Emergency Physicians and several other physician practices ApolloMD does business with.
Compromised information included both personally identifiable information (PII) and protected health information (PHI). Exposed information included names, Social Security numbers, dates of birth, addresses, diagnosis information, provider names, dates of service, treatment details and health insurance information.
The combination of exposed data increases the risk of identity theft and financial or medical fraud. The total number of impacted individuals has not been released, but is believed to include thousands of patients.
ApolloMD published a Notice of Data Security Incident on its website and began notifying affected patients by mail on Sept. 17, 2025.
Upon discovering the incident, ApolloMD and its affiliates, including Aurora Emergency Physicians, secured their systems and notified law enforcement. The company is also offering free credit monitoring services to patients whose Social Security numbers were exposed.
If you receive a data breach notice from ApolloMD, Aurora Emergency Physicians or a hospital you received treatment at, you may want to:
ApolloMD has also established an incident response line, at 833-397-6797, to answer questions and to assist individuals who believe they may have been involved in the data breach. The line is available Monday through Friday, between 8 a.m. and 8 p.m. Eastern Time.
A breach notice means your personal details could be circulating far beyond the organization involved. One practical step is continuous monitoring: services such as Identity Defender (included with an ExpressVPN subscription) can automatically check dark-web markets, flag new credit-file activity, and request removal of your information from data-broker sites.
This kind of “early-warning system” can’t undo a breach, but it can help you spot misuse quickly and limit further exposure.