Markovits, Stock & DeMarco, LLC, a law firm experienced in data breach class action litigation, is investigating claims on behalf of victims of a data breach involving data entrusted to AdaptHealth.
AdaptHealth is a publicly traded, Pennsylvania-based provider of home-based medical equipment, diabetes supplies, and sleep therapy products such as continuous positive airway pressure (CPAP) machines. The recent cyberattack resulted in the theft of patient information, including personally identifiable information and protected health information. If you were affected by the AdaptHealth data breach, contact us for a free consultation to understand your legal rights and explore potential remedies.
Understanding the AdaptHealth Data Breach
On July 2, 2026, AdaptHealth disclosed in a Form 8-K filing with the U.S. Securities and Exchange Commission that it had suffered a material cybersecurity incident. A threat actor contacted the company on June 15, 2026, claiming to have obtained files containing patient data from AdaptHealth’s systems.¹ AdaptHealth launched an investigation, engaged third-party cybersecurity experts, and notified law enforcement, later confirming that a breach had in fact occurred.²
According to AdaptHealth, the incident was the result of a social engineering attack that compromised the credentials of a third-party contractor. Using that access, the threat actor reached certain cloud-based business applications, including internal patient management systems and document storage platforms, and exfiltrated files containing patient data. By June 27, 2026, AdaptHealth had determined the incident was material given the nature and potential volume of data placed at risk.³
Although AdaptHealth has not publicly named the party responsible, the AdaptHealth data breach appears to be a data theft and extortion attempt by the ShinyHunters threat group, which added AdaptHealth to its data leak site and threatened to publish the stolen data if a ransom is not paid.⁴
What Data was Compromised in the AdaptHealth Data Breach?
AdaptHealth has stated that its investigation is ongoing and that the full scope of affected data has not yet been determined. Based on the company’s disclosures, the information exposed in the AdaptHealth data breach may include:
• Personally identifiable information (PII)
• Protected health information (PHI)
• A stored password file tied to insurance billing
• Access to external electronic health record (EHR) portals
What Should I do if I was Affected by the AdaptHealth Data Breach?
To understand your rights and explore your options in response to the AdaptHealth data breach, you can schedule a free, confidential consultation with Attorney Justin C. Walker at Markovits, Stock & DeMarco, LLC. You can reach us through the following channels:
• Call us at (513) 651-3700
• Email us at [email protected]
• Submit a Case Evaluation request through the form on our website
¹ https://finance.yahoo.com/healthcare/articles/adapthealth-discloses-june-cyberattack-resulting-111953901.html
² https://www.hipaajournal.com/adapthealth-data-breach/
³ Supra note 1.
⁴ Supra note 2.

