Healthcare know-how big CareCloud has confirmed that hackers accessed considered one of its shops of sufferers’ digital well being data throughout a data breach earlier this month.
The disclosure, filed with the U.S. Securities and Change Fee final Friday, stated the corporate detected unauthorized entry on March 16 to considered one of six environments the place it shops sufferers’ medical and healthcare data. The hackers had entry to this medical data storage for greater than eight hours, the corporate stated, however that it was not but identified if the hacker exfiltrated any knowledge, or what varieties of knowledge could have been stolen, in that case.
The well being tech big stated it believes the hackers are not in its community after restoring its programs the identical day, and has known as in an unspecified cybersecurity firm to analyze.
CareCloud didn’t say how many individuals have been affected by the breach. The corporate gives healthcare know-how, together with digital well being data storage, for greater than 45,000 suppliers, together with docs and physicians at 1000’s of hospitals and medical practices, overlaying tens of millions of sufferers, in keeping with the corporate’s annual report back to traders filed earlier in March.
Digital well being file suppliers are wealthy targets for financially motivated cybercriminals, which steal private knowledge and demand a ransom to not publish it. In 2024, Russian cybercriminals stole most of America’s well being data in a ransomware assault on Change Healthcare, resulting in widespread outages and delayed healthcare for months.
It’s not clear if the latest cyberattack on CareCloud resulted in any knowledge destruction or if the hackers have contacted the corporate with any calls for. A spokesperson for CareCloud didn’t reply to a request for remark. We additionally requested how CareCloud shops affected person knowledge, comparable to whether or not the corporate shops sufferers’ knowledge throughout its six environments or if a number of the environments retailer backups of the others. We’ll replace if we hear again.
In accordance with CareCloud’s public web data, a lot of the corporate’s information and knowledge are hosted on Amazon Internet Companies.
CareCloud stated in its SEC disclosure that it decided on March 24 that the incident was important sufficient to have a cloth impression on its enterprise and was legally required to alert its traders. CareCloud stated the breach is unlikely to have an effect on the corporate’s monetary place, however conceded that its investigation stays beneath means.
Are you aware extra about CareCloud’s data breach? Do you’re employed at CareCloud and find out about its security practices? Contact this reporter by way of encrypted message at zackwhittaker.1337 on Sign.
