CareCloud breach exposes patient medical records
▼ Summary
– CareCloud confirmed hackers accessed one of its six patient electronic health record storage environments on March 16.
– The unauthorized access lasted over eight hours, but it is unknown if any data was stolen or what type.
– The company serves over 45,000 providers and millions of patients, though the number affected by this breach is unspecified.
– CareCloud reported the breach to the SEC, stating it could materially impact its business but likely not its financial position.
– The company’s systems are restored and an external cybersecurity firm is investigating, but it is unclear if the hackers made any demands.
A significant data breach at healthcare technology firm CareCloud has compromised a repository containing patient medical records. The company confirmed the incident in a recent filing with the U.S. Securities and Exchange Commission, stating that unauthorized access was detected on March 16. Intruders infiltrated one of six distinct environments the company uses to store electronic health records, maintaining access for over eight hours. CareCloud has not yet determined whether any data was actually stolen or what specific information may have been involved.
The company acted quickly to restore its systems on the same day, asserting that the threat actors have been removed from its network. An external cybersecurity company has been engaged to conduct a full investigation. CareCloud has not disclosed the number of individuals potentially impacted by this breach. The firm provides technology services, including EHR storage, to more than 45,000 providers across thousands of hospitals and medical practices, affecting millions of patients according to its latest annual report.
Electronic health record providers are increasingly attractive targets for financially motivated cybercriminals. These attacks often involve stealing sensitive personal information to extort ransom payments. The healthcare sector is still recovering from the massive 2024 ransomware attack on Change Healthcare, which was attributed to Russian cybercriminals and disrupted care for millions of Americans.
It remains unclear whether the CareCloud intrusion involved any data destruction or if the hackers have made any demands. The company did not respond to requests for comment regarding its data storage architecture, such as whether patient information is distributed across its six environments or if some serve as backups. Public records indicate a substantial portion of CareCloud’s infrastructure relies on Amazon Web Services for hosting.
In its regulatory disclosure, CareCloud stated it concluded by March 24 that the incident was significant enough to warrant informing investors. While the company believes the breach will not materially affect its financial standing, it acknowledged the investigation is ongoing. The event underscores the persistent vulnerabilities within critical healthcare infrastructure and the severe risks posed to patient data privacy.
(Source: TechCrunch)
