Healthcare technology giant CareCloud has confirmed that hackers accessed one of its stores of patients’ electronic health records during a data breach earlier this month.
The disclosure, filed with the U.S. Securities and Exchange Commission last Friday, said the company detected unauthorized access on March 16 to one of six environments where it stores patients’ medical and healthcare records. The hackers had access to this medical records storage for more than eight hours, the company said, but that it was not yet known if the hacker exfiltrated any data, or what types of data may have been stolen, if so.
The health tech giant said it believes the hackers are no longer in its network after restoring its systems the same day, and has called in an unspecified cybersecurity company to investigate.
CareCloud did not say how many people were affected by the breach. The company provides healthcare technology, including electronic health records storage, for more than 45,000 providers, including doctors and physicians at thousands of hospitals and medical practices, covering millions of patients, according to the company’s annual report to investors filed earlier in March.
Electronic health record providers are rich targets for financially motivated cybercriminals, which steal personal data and demand a ransom to not publish it. In 2024, Russian cybercriminals stole most of America’s health records in a ransomware attack on Change Healthcare, leading to widespread outages and delayed healthcare for months.
It’s not clear if the recent cyberattack on CareCloud resulted in any data destruction or if the hackers have contacted the company with any demands. A spokesperson for CareCloud did not respond to a request for comment. We also asked how CareCloud stores patient data, such as whether the company stores patients’ data across its six environments or if some of the environments store backups of the others. We will update if we hear back.
According to CareCloud’s public internet records, much of the company’s files and data are hosted on Amazon Web Services.
CareCloud said in its SEC disclosure that it determined on March 24 that the incident was significant enough to have a material impact on its business and was legally required to alert its investors. CareCloud said the breach is unlikely to affect the company’s financial position, but conceded that its investigation remains under way.
Do you know more about CareCloud’s data breach? Do you work at CareCloud and know about its security practices? Contact this reporter via encrypted message at zackwhittaker.1337 on Signal.