Trinity Emergency Physicians Data Breach Impact Revealed

Published

September 27, 2025

Updated

September 27, 2025

Trinity Emergency Physicians

Types of INFORMATION affected

Names
Social Security Numbers
Dates of Birth
Addresses
Government IDs
Medical Info
Financial Info

Between May 22 and May 23, 2025, Trinity Emergency Physicians, an Alabama-based emergency medicine group, was affected by a significant data breach involving its business associate, ApolloMD Business Services. The incident was first detected on May 22, 2025 by ApolloMD, a company providing administrative services to healthcare organizations.

An investigation was launched and revealed that a cyberattack took place between May 22, 2025 and May 23, 2025. A ransomware group known as Qilin claimed responsibility for hacking files containing personal and protected health information belonging to patients. The total number of affected patients has not been released, but includes multiple physician practices ApolloMD was associated with.

Exposed information included names, Social Security numbers, dates of birth, addresses, diagnosis information, provider names, dates of service, treatment details, and health insurance information. Data breach notices were mailed to impacted patients on Sept. 17, 2025.

ApolloMD also published a Notice of Data Security Incident on its website. The breach is considered severe as the the combination of both PII and PHI can put individuals at a very high risk for identity theft and medical fraud.

Trinity Emergency Physicians' response

In response to the breach, ApolloMD, on behalf of Trinity Emergency Physicians and other impacted practices, took steps to secure its systems and engaged law enforcement.

If you receive a data breach notice from ApolloMD, Trinity Emergency Physicians or a hospital you received treatment at, you may want to:

Sign up for the free credit monitoring services, if offered.
Monitor your credit reports and financial accounts for any unusual activity.
Be alert for phishing emails or phone calls that may use your exposed information.
Consider placing a fraud alert or credit freeze with major credit bureaus.

ApolloMD has also set up dedicated toll-free incident response line has been set up at 833-397-6797, available Monday through Friday from 8 a.m. to 8 p.m. Eastern time.

Protect Your Data

A breach notice means your personal details could be circulating far beyond the organization involved. One practical step is continuous monitoring: services such as Identity Defender (included with an ExpressVPN subscription) can automatically check dark-web markets, flag new credit-file activity, and request removal of your information from data-broker sites.

This kind of “early-warning system” can’t undo a breach, but it can help you spot misuse quickly and limit further exposure. ExpressVPN is offering 61% off, risk-free for 30 days, with ID Theft Insurance included and no extra cost for those who sign up for one or two years.