Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
American Associated Pharmacies (AAP)

American Associated Pharmacies (AAP) Vendor Cyber Rating & Cyber Score

rxaap.com

American Associated Pharmacies (AAP) is a member-owned cooperative that prides itself on providing the most progressive, effective, and forward-thinking programs and services designed to put profit back in the independent pharmacy. AAP is a truly independent pharmacy co-operative that puts you in control by offering fully customized programs and services that best fit YOUR store. Keep in mind, you’ll own it all too.


AAP A.I CyberSecurity Scoring

AAP
Company Information
Website:http://www.rxaap.com
Employees number:146
Number of followers:3,941
NAICS:3254
Industry Type:Pharmaceutical Manufacturing
Homepage:rxaap.com
AAP Risk Score (AI oriented)
Between 600 and 649
logo
AAPPharmaceutical Manufacturing
Updated:
01/04/2026
619/1000
Poor
Caa
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
AAP Global Score (TPRM)
xxxx
logo
AAPPharmaceutical Manufacturing
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

AAP
AAPPoor
Current Score
619Caa (POOR)
01000
2 incidents
0 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
628Before Incident
JUNE 2026
627Before Incident
MAY 2026
622Before Incident
APRIL 2026
621Before Incident
MARCH 2026
619Before Incident
FEBRUARY 2026
615Before Incident
JANUARY 2026
614Before Incident
DECEMBER 2025
608Before Incident
NOVEMBER 2025
607Before Incident
OCTOBER 2025
605Before Incident
SEPTEMBER 2025
602Before Incident
AUGUST 2025
599Before Incident
DECEMBER 2024
689Before Incident
Ransomware
02 Dec 2024AAP
American Associated Pharmacies (AAP)

American Associated Pharmacies Ransomware Attack by Embargo

570After Incident
CRITICAL-119
RXA1362213091025
American Associated Pharmacies (AAP), a Scottsboro, Ala.-based pharmacy network overseeing over 2,000 independent pharmacies, suffered a ransomware attack by the Embargo group. Hackers stole 1.4 TB of data, including protected health information (PHI) and clinical laboratory testing records, encrypting files and demanding $1.3 million for decryption. AAP reportedly paid the initial ransom, but Embargo later demanded an additional $1.3 million to prevent data leakage. The attack disrupted API Warehouse operations, forcing password resets for APIRx.com and RxAAP.com. The breach exposed thousands of patients’ medical and account details, with potential long-term risks of identity theft and fraud. The incident follows similar attacks on Memorial Hospital (Georgia) and Weiser Memorial Hospital (Idaho), highlighting Embargo’s sophisticated EDR-killer toolkit and double-extortion tactics (encryption + data leak threats).
INCIDENT DETAILS -
TYPE
ransomwaredata breachdouble extortion
MOTIVATION
financial gain (ransom extortion)
IMPACT
1.4 TB of data (including protected health information - PHI)medical recordsaccount detailsprescription dataAPI Warehouse ordering system (APIRx.com)RxAAP.comemail systems (in related attacks)electronic medical record (EHR) systems (in related attacks)limited ordering capabilities restored (partial recovery)four-week outage at Weiser Memorial Hospital (related attack)switch to paper-based systems (in related attacks)disruption of pharmacy order processingBrand Reputation Impact: high (potential exposure of sensitive patient data, public ransom demands)Identity Theft Risk: high (PHI and account details compromised)
DATA BREACH
protected health information (PHI)clinical laboratory testing datamedical recordsaccount detailsprescription dataSensitivity Of Data: high (includes PHI and medical records)Data Exfiltration: 1.4 TB of data stolenData Encryption: files encrypted by ransomwarePersonally Identifiable Information: likely (PHI includes PII)
OCTOBER 2024
753Before Incident
Breach
13 Oct 2024AAP
American Associated Pharmacies (AAP)

American Associated Pharmacies (AAP) Data Breach and Ransomware Incident

687After Incident
CRITICAL-66
RXA0802508111925
American Associated Pharmacies (AAP), a cooperative supporting over 2,000 independent U.S. pharmacies, suffered a data breach in October 2024. Hackers infiltrated AAP’s network on October 13, 2024, exfiltrating sensitive personal and financial data before encrypting files. The compromised information includes names, addresses, dates of birth, Social Security numbers, passport/driver’s license details, bank/routing numbers, medical records (treatment data, prescriptions, insurance info), and credentials (usernames/passwords). The breach poses severe risks of identity theft, financial fraud, and medical data exploitation, affecting customers, employees, and affiliated pharmacies. AAP secured its systems upon detection (October 23, 2024) and launched an investigation, while law firm Edelson Lechtzin LLP is pursuing a class-action lawsuit for victims. The incident underscores critical vulnerabilities in handling highly regulated health and financial data, with potential long-term reputational and operational damage to AAP and its pharmacy network.
INCIDENT DETAILS -
TYPE
Data BreachRansomware
IMPACT
NamesAddressesDates of birthSocial Security numbersPassport numbersDriver’s license/ID numbersBank account and routing numbersMedical/clinical treatment detailsProvider namesMedical record numbersHealth insurance informationPrescription dataUsernames and passwordsComputer networkFile storage systemsBrand Reputation Impact: Potential reputational damage due to exposure of highly sensitive personal and medical data; class action lawsuit initiated.Legal Liabilities: Class action lawsuit investigation by Edelson Lechtzin LLP for data privacy violations.Identity Theft Risk: High (due to exposure of SSNs, financial data, and medical records)Payment Information Risk: High (bank account/routing numbers, usernames/passwords exposed)
DATA BREACH
Personally Identifiable Information (PII)Protected Health Information (PHI)Financial InformationAuthentication CredentialsSensitivity Of Data: High (includes SSNs, medical records, financial data, and credentials)

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for AAP ?
?
What was AAP's A.I Rankiteo Cyber Score in June 2026 ?
?
What was AAP's A.I Rankiteo Cyber Score in May 2026 ?
?
What was AAP's A.I Rankiteo Cyber Score in April 2026 ?
?
What was AAP's A.I Rankiteo Cyber Score in March 2026 ?
?
What was AAP's A.I Rankiteo Cyber Score in February 2026 ?
?
What was AAP's A.I Rankiteo Cyber Score in January 2026 ?
?
What was AAP's A.I Rankiteo Cyber Score in December 2025 ?
?
What was AAP's A.I Rankiteo Cyber Score in November 2025 ?
?
What was AAP's A.I Rankiteo Cyber Score in October 2025 ?
?
What was AAP's A.I Rankiteo Cyber Score in September 2025 ?
?
What was AAP's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on AAP's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with AAP ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view AAP's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?