Healthcare expertise big CareCloud has confirmed that hackers accessed considered one of its shops of sufferers’ digital well being data throughout an information breach earlier this month.
The disclosure, filed with the U.S. Securities and Change Fee final Friday, mentioned the corporate detected unauthorized entry on March 16 to considered one of six environments the place it shops sufferers’ medical and healthcare data. The hackers had entry to this medical data storage for greater than eight hours, the corporate mentioned, however that it was not but identified if the hacker exfiltrated any information, or what kinds of information could have been stolen, in that case.
The well being tech big mentioned it believes the hackers are not in its community after restoring its techniques the identical day, and has known as in an unspecified cybersecurity firm to research.
CareCloud didn’t say how many individuals had been affected by the breach. The corporate supplies healthcare expertise, together with digital well being data storage, for greater than 45,000 suppliers, together with docs and physicians at hundreds of hospitals and medical practices, protecting hundreds of thousands of sufferers, based on the corporate’s annual report to investors filed earlier in March.
Digital well being file suppliers are wealthy targets for financially motivated cybercriminals, which steal private information and demand a ransom to not publish it. In 2024, Russian cybercriminals stole most of America’s well being data in a ransomware assault on Change Healthcare, resulting in widespread outages and delayed healthcare for months.
It’s not clear if the current cyberattack on CareCloud resulted in any information destruction or if the hackers have contacted the corporate with any calls for. A spokesperson for CareCloud didn’t reply to a request for remark. We additionally requested how CareCloud shops affected person information, comparable to whether or not the corporate shops sufferers’ information throughout its six environments or if a number of the environments retailer backups of the others. We are going to replace if we hear again.
In accordance with CareCloud’s public web data, a lot of the corporate’s recordsdata and information are hosted on Amazon Net Providers.
CareCloud mentioned in its SEC disclosure that it decided on March 24 that the incident was important sufficient to have a fabric influence on its enterprise and was legally required to alert its traders. CareCloud mentioned the breach is unlikely to have an effect on the corporate’s monetary place, however conceded that its investigation stays underneath means.
Have you learnt extra about CareCloud’s information breach? Do you’re employed at CareCloud and learn about its safety practices? Contact this reporter through encrypted message at zackwhittaker.1337 on Sign.
