90K exposed after sleep therapy provider data breach​ | Cybernews

CPAP Medical Supplies and Services, a sleep therapy gear provider focused on US military personnel, suffered a cyberattack between December 13-21, 2024, that exposed personal information of over 90,000 customers. The breach compromised customer names, Social Security numbers, and protected health information, creating risks for identity theft, targeted phishing attacks impersonating healthcare providers, and medical identity theft for fraudulent insurance claims and prescription drug schemes. CPAP emphasized its military focus and acceptance of Tricare, the Defense Department’s health program for service members, making the breach particularly concerning for national security personnel and their families. The company has offered complimentary credit and identity monitoring services to affected individuals, while healthcare institutions continue facing increased cyber threats, with healthcare data breaches in 2024 alone exposing over 267 million records across the industry.​​​​​​​​​​​​​​​​