AdaptHealth
Company Details
Linkedin ID:
adapthealth
Employees number:
3,210
Number of followers:
34,746
NAICS:
62
Industry Type:
Homepage:
adapthealth.com
IP Addresses:
0
Company ID:
ADA_3155310
Scan Status:
In-progress
AdaptHealth Company CyberSecurity Posture
adapthealth.com
AdaptHealth is a network of full-service medical equipment companies that use tailored products and services to empower patients to live their best lives – out of the hospital and in their homes. With more than 670 locations across 47 states, AdaptHealth offers a breadth of clinically focused products and services to help patients with daily activities of life including respiratory health, sleep health, diabetes health, and wellness at home.
AdaptHealth A.I CyberSecurity Scoring
AdaptHealth Risk Score (AI oriented)Between 750 and 799
AdaptHealth
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
AdaptHealth Global Score (TPRM)XXXX
AdaptHealth
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
AdaptHealth Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
TriZetto Healthcare ProductsTriZetto and Adapt Integrated Health Care: Adapt reports vendor data breach
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: TriZetto Vendor Data Breach Exposes Patient Information in Third-Party Incident Adapt Integrated Health Care has disclosed a data breach involving TriZetto, a third-party vendor that provides electronic medical record services through OCHIN. The incident, first reported to Adapt on December 10, 2015, involved an unauthorized individual gaining access to one of TriZetto’s systems. Potentially compromised data includes names, Social Security numbers, dates of birth, contact details, health-related information, and insurance records. While not all patients were affected, TriZetto plans to begin sending individual notification letters in February 2026 to those impacted. Adapt confirmed that its internal systems were not breached the incident occurred at a subcontractor of one of its vendors. The organization is collaborating with OCHIN to strengthen security measures and review its own processes to prevent future risks. TriZetto has set up a dedicated call center (844-572-2724) and is working with vendor Kroll to provide notification services, call center support, and identity theft protection, including pre-paid credit monitoring for affected individuals. Additional updates may be sent by TriZetto or Kroll. The breach highlights the risks of third-party vendor vulnerabilities in healthcare data security.
AdaptHealth Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for AdaptHealth
Incidents vs Hospitals and Health Care Industry Average (This Year)
No incidents recorded for AdaptHealth in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for AdaptHealth in 2026.
Incident Types AdaptHealth vs Hospitals and Health Care Industry Avg (This Year)
No incidents recorded for AdaptHealth in 2026.
Incident History — AdaptHealth (X = Date, Y = Severity)
AdaptHealth cyber incidents detection timeline including parent company and subsidiaries
AdaptHealth Company Subsidiaries
AdaptHealth is a network of full-service medical equipment companies that use tailored products and services to empower patients to live their best lives – out of the hospital and in their homes. With more than 670 locations across 47 states, AdaptHealth offers a breadth of clinically focused products and services to help patients with daily activities of life including respiratory health, sleep health, diabetes health, and wellness at home.
Loading...
AdaptHealth Similar Companies
Jefferson Health
Thomas Jefferson University and Thomas Jefferson University Hospitals are partners in providing excellent clinical and compassionate care for our patients in the Philadelphia region, educating the health professionals of tomorrow in a variety of disciplines and discovering new knowledge that will de
Advocate Health
Advocate Health is redefining how, when and where care is delivered to help people live well. We’re providing equitable care for all in our communities and using our combined strength and expertise to deliver better outcomes at a lower cost. Headquartered in Charlotte, North Carolina, we have a com
Rush University Medical Center
Rush University Medical Center is an academic medical center that includes a 671-bed hospital serving adults and children, the 61-bed Johnston R. Bowman Health Center and Rush University. Rush University is home to one of the first medical colleges in the Midwest and one of the nation's top-ranked n
The people of Memorial Sloan Kettering Cancer Center (MSK) are united by a singular mission: ending cancer for life. Our specialized care teams provide personalized, compassionate, expert care to patients of all ages. Informed by basic research done at our Sloan Kettering Institute, scientists acros
Norton Healthcare is a leader in serving adult and pediatric patients from throughout Greater Louisville, Southern Indiana, the commonwealth of Kentucky and beyond. The not-for-profit hospital and health care system is Louisville’s second largest employer, with more than 18,600 employees, over 1,75
Tenet Healthcare Corporation (NYSE: THC) is a diversified healthcare services company headquartered in Dallas. Our care delivery network includes United Surgical Partners International, the largest ambulatory platform in the country, which operates ambulatory surgery centers and surgical hospitals.
Providence
Every day, 119,000 compassionate caregivers serve patients and communities through Providence St. Joseph Health, a national, Catholic, not-for-profit health system, driven by a belief that health is a human right. Rooted in the founding missions of the Sisters of Providence and the Sisters of St.
McKesson
Welcome to the official LinkedIn page for McKesson Corporation. We're an impact-driven healthcare organization dedicated to “Advancing Health Outcomes For All.” As a global healthcare company, we touch virtually every aspect of health. Our leaders empower our people to lead with a growth mindset an
Ministério da Saúde
O Ministério da Saúde é o órgão do Poder Executivo Federal responsável pela organização e elaboração de planos e políticas públicas voltados para a promoção, a prevenção e a assistência à saúde dos brasileiros. É função do Ministério dispor de condições para a proteção e recuperação da saúde da pop
.png)
AdaptHealth CyberSecurity News
April 15, 2020 07:00 AM
Andy Palan Appointed Chief Technology Officer at AdaptHealth Corp.
AdaptHealth Corp., a large provider of home medical equipment (“HME”) in the United States, announced the appointment of Andy Palan as its...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
AdaptHealth CyberSecurity History Information
Official Website of AdaptHealth
The official website of AdaptHealth is https://http://www.adapthealth.com.
AdaptHealth’s AI-Generated Cybersecurity Score
According to Rankiteo, AdaptHealth’s AI-generated cybersecurity score is 760, reflecting their Fair security posture.
How many security badges does AdaptHealth’ have ?
According to Rankiteo, AdaptHealth currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has AdaptHealth been affected by any supply chain cyber incidents ?
According to Rankiteo, AdaptHealth has been affected by a supply chain cyber incident involving TriZetto Healthcare Products, with the incident ID TRIADA1769117193.
Does AdaptHealth have SOC 2 Type 1 certification ?
According to Rankiteo, AdaptHealth is not certified under SOC 2 Type 1.
Does AdaptHealth have SOC 2 Type 2 certification ?
According to Rankiteo, AdaptHealth does not hold a SOC 2 Type 2 certification.
Does AdaptHealth comply with GDPR ?
According to Rankiteo, AdaptHealth is not listed as GDPR compliant.
Does AdaptHealth have PCI DSS certification ?
According to Rankiteo, AdaptHealth does not currently maintain PCI DSS compliance.
Does AdaptHealth comply with HIPAA ?
According to Rankiteo, AdaptHealth is not compliant with HIPAA regulations.
Does AdaptHealth have ISO 27001 certification ?
According to Rankiteo,AdaptHealth is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of AdaptHealth
AdaptHealth operates primarily in the Hospitals and Health Care industry.
Number of Employees at AdaptHealth
AdaptHealth employs approximately 3,210 people worldwide.
Subsidiaries Owned by AdaptHealth
AdaptHealth presently has no subsidiaries across any sectors.
AdaptHealth’s LinkedIn Followers
AdaptHealth’s official LinkedIn profile has approximately 34,746 followers.
NAICS Classification of AdaptHealth
AdaptHealth is classified under the NAICS code 62, which corresponds to Health Care and Social Assistance.
AdaptHealth’s Presence on Crunchbase
Yes, AdaptHealth has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/qmes.
AdaptHealth’s Presence on LinkedIn
Yes, AdaptHealth maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/adapthealth.
Cybersecurity Incidents Involving AdaptHealth
As of January 25, 2026, Rankiteo reports that AdaptHealth has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
AdaptHealth has an estimated 31,618 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at AdaptHealth ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
How does AdaptHealth detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an third party assistance with kroll (notification services, call center support, identity theft protection), and remediation measures with strengthening security measures, reviewing processes, and communication strategy with dedicated call center (844-572-2724), notification letters starting february 2026..
Incident Details
Can you provide details on each incident ?
Title: TriZetto Vendor Data Breach Exposes Patient Information in Third-Party Incident
Description: Adapt Integrated Health Care disclosed a data breach involving TriZetto, a third-party vendor providing electronic medical record services through OCHIN. An unauthorized individual gained access to one of TriZetto’s systems, potentially compromising patient information.
Date Detected: 2015-12-10
Type: Data Breach
Attack Vector: Unauthorized system access
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach TRIADA1769117193
Data Compromised: Names, Social Security numbers, dates of birth, contact details, health-related information, insurance records
Systems Affected: TriZetto’s systems (third-party vendor)
Identity Theft Risk: High
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Patient information.
Which entities were affected by each incident ?
Incident : Data Breach TRIADA1769117193
Entity Name: Adapt Integrated Health Care
Entity Type: Healthcare Provider
Industry: Healthcare
Customers Affected: Potentially some patients (not all)
Incident : Data Breach TRIADA1769117193
Entity Name: TriZetto
Entity Type: Third-Party Vendor
Industry: Healthcare IT
Incident : Data Breach TRIADA1769117193
Entity Name: OCHIN
Entity Type: Subcontractor/Vendor
Industry: Healthcare IT
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach TRIADA1769117193
Third Party Assistance: Kroll (notification services, call center support, identity theft protection)
Remediation Measures: Strengthening security measures, reviewing processes
Communication Strategy: Dedicated call center (844-572-2724), notification letters starting February 2026
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through Kroll (notification services, call center support, identity theft protection).
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach TRIADA1769117193
Type of Data Compromised: Patient information
Sensitivity of Data: High (PII, health records, SSNs)
Personally Identifiable Information: Names, Social Security numbers, dates of birth, contact details, insurance records
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Strengthening security measures, reviewing processes.
Lessons Learned and Recommendations
What lessons were learned from each incident ?
Incident : Data Breach TRIADA1769117193
Lessons Learned: Highlights risks of third-party vendor vulnerabilities in healthcare data security
What are the key lessons learned from past incidents ?
Key Lessons Learned: The key lessons learned from past incidents are Highlights risks of third-party vendor vulnerabilities in healthcare data security.
References
Where can I find more information about each incident ?
Incident : Data Breach TRIADA1769117193
Source: Incident disclosure by Adapt Integrated Health Care
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Incident disclosure by Adapt Integrated Health Care.
Investigation Status
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Dedicated call center (844-572-2724) and notification letters starting February 2026.
Stakeholder and Customer Advisories
Were there any advisories issued to stakeholders or customers for each incident ?
Incident : Data Breach TRIADA1769117193
Customer Advisories: Notification letters to be sent starting February 2026, call center support available
What advisories does the company provide to stakeholders and customers following an incident ?
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: were Notification letters to be sent starting February 2026 and call center support available.
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach TRIADA1769117193
Root Causes: Third-party vendor vulnerability (TriZetto system access)
Corrective Actions: Strengthening security measures, reviewing processes with OCHIN
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Kroll (notification services, call center support, identity theft protection).
What corrective actions has the company taken based on post-incident analysis ?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Strengthening security measures, reviewing processes with OCHIN.
Additional Questions
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on 2015-12-10.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Names, Social Security numbers, dates of birth, contact details, health-related information and insurance records.
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was Kroll (notification services, call center support, identity theft protection).
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Names, Social Security numbers, dates of birth, contact details, health-related information and insurance records.
Lessons Learned and Recommendations
What was the most significant lesson learned from past incidents ?
Most Significant Lesson Learned: The most significant lesson learned from past incidents was Highlights risks of third-party vendor vulnerabilities in healthcare data security.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is Incident disclosure by Adapt Integrated Health Care.
Stakeholder and Customer Advisories
What was the most recent customer advisory issued ?
Most Recent Customer Advisory: The most recent customer advisory issued were an Notification letters to be sent starting February 2026 and call center support available.
.png)
Latest Global CVEs (Not Company-Specific)
Description
The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the processBackgroundAction() function in all versions up to, and including, 10.0.04. This makes it possible for authenticated attackers, with Subscriber-level access and above, to modify global map engine settings.
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Description
The Save as PDF Plugin by PDFCrowd plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘options’ parameter in all versions up to, and including, 4.5.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. NOTE: Successful exploitation of this vulnerability requires that the PDFCrowd API key is blank (also known as "demo mode", which is the default configuration when the plugin is installed) or known.
Risk Information
cvss3
Base: 6.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Description
The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the action_import_module() function in all versions up to, and including, 7.8.9.2. This makes it possible for authenticated attackers, with a lower-privileged role (e.g., Subscriber-level access and above), to upload arbitrary files on the affected site's server which may make remote code execution possible. Successful exploitation requires an admin to grant Hustle module permissions (or module edit access) to the low-privileged user so they can access the Hustle admin page and obtain the required nonce.
Risk Information
cvss3
Base: 7.5
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Description
The WP Directory Kit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.9 via the wdk_public_action AJAX handler. This makes it possible for unauthenticated attackers to extract email addresses for users with Directory Kit-specific user roles.
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Description
The Meta-box GalleryMeta plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
Risk Information
cvss3
Base: 4.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
References
- https://plugins.trac.wordpress.org/browser/meta-box-gallerymeta/tags/3.0.1/gallerymetaboxes.php#L119
- https://plugins.trac.wordpress.org/browser/meta-box-gallerymeta/tags/3.0.1/gallerymetaboxes.php#L314
- https://plugins.trac.wordpress.org/browser/meta-box-gallerymeta/tags/3.0.1/templates/single-mb_gallery.php#L31
- https://plugins.trac.wordpress.org/browser/meta-box-gallerymeta/tags/3.0.1/templates/single-mb_gallery.php#L33
- https://www.wordfence.com/threat-intel/vulnerabilities/id/bb9ae252-7e5f-4dc0-a162-100493b81980?source=cve
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=adapthealth' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
