Lorain Emergency Physicians Data Breach: Patient Impact Revealed

Lorain Emergency Physicians, LLC, a healthcare organization based in Lorain, Ohio, was recently impacted by a cybersecurity incident. The data breach was linked to ApolloMD Business Services, an affiliate that provides administrative services to physician practices. The Qilin ransomware group claimed responsibility for the attack, which involved the theft of files containing both personal and protected health data belonging patients.

ApolloMD detected suspicious activity in its internal network on May 22, 2025. An investigation determined that the compromised files were accessed between May 22 and May 23, 2025. Exposed information included names, dates of birth, Social Security numbers, addresses, diagnosis information, provider names, dates of service, treatment information, and health insurance information.

ApolloMD began notifying affected practices between July 21 and Sept. 11, 2025. Notification letters were mailed to impacted individuals on Sept. 17, 2025.

The cyberattack affected patients who received care from Lorain Emergency Physicians and several other medical groups throughout the United States. ApolloMD also posted a Notice of Data Security Incident on its website.

Lorain Emergency Physicians' response

Upon discovering the data incident, ApolloMD and its affiliates, including Lorain Emergency Physicians, secured their systems and notified law enforcement. The company is also offering free credit monitoring services to patients whose Social Security numbers were exposed.

If you receive a data breach notice from ApolloMD, Lorain Emergency Physicians or a hospital you received treatment at, you may want to:

• Sign up for the free credit monitoring services, if offered.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.

ApolloMD has also established an incident response line to answer questions, or for individuals that believe they may have been involved in the data breach, at 833-397-6797, Monday through Friday, between 8 a.m. and 8 p.m. Eastern Time.