Pennsylvania Hospitalist Group Breach Exposes Sensitive Patient Info

Pennsylvania Hospitalist Group, LLC, a medical practice specializing in emergency medicine, experienced a cybersecurity incident. The data breach occurred when an unauthorized actor gained access to the computer network of ApolloMD Business Services, a third-party billing services provider affiliated with the group and several other physician practices.

The cyberattack was first discovered on May 22, 2025, after unusual activity was observed in ApolloMD’s internal systems. An investigation determined that a data breach occurred between May 22 and May 23, 2025, when files containing sensitive patient information were potentially accessed. The Qilin ransomware group claimed responsibility for the attack.

The total number of affected individuals has not been released but is believed to include thousands of patients from multiple physician practices. Compromised information included names, Social Security numbers, dates of birth, addresses, diagnosis information, provider names, dates of service, treatment information and health insurance information.

ApolloMD published a Notice of Data Security Incident on its website. The company began notifying impacted individuals by mail on Sept. 17, 2025.

Pennsylvania Hospitalist Group's response

Upon discovering the breach, ApolloMD secured affected systems, engaged law enforcement and later notified impacted practices. Patients whose Social Security numbers were compromised are being offered free credit monitoring services.

If you receive a data breach notice from ApolloMD, Pennsylvania Hospitalist Group or a hospital you received treatment at, you may want to:

• Sign up for the free credit monitoring services, if offered.
• Monitor your credit reports and financial accounts for any unusual activity.
• Be alert for phishing emails or phone calls that may use your exposed information.
• Consider placing a fraud alert or credit freeze with major credit bureaus.

ApolloMD established a dedicated, toll-free incident response line (833-397-6797) is available Monday through Friday, 8 a.m. to 8 p.m. Eastern Time, to answer questions and provide support to individuals that believe they may be involved in the data breach.