Healthcare expertise options supplier CareCloud (Nasdaq: CCLD) has disclosed a cybersecurity incident that will have resulted in affected person info compromise.
CareCloud is a New Jersey-based publicly traded firm that gives cloud-based software program options to medical practices, clinics, and hospitals, together with for digital well being data, income cycle administration, apply administration, and affected person engagement.
In a March 27 submitting with the SEC, the corporate stated its community was briefly disrupted on March 16 attributable to a cybersecurity incident.
Performance and information entry to certainly one of its six digital well being report environments was affected for roughly 8 hours.
The investigation into the incident is ongoing, with CareCloud trying to find out whether or not the hacker accessed or exfiltrated any of the affected person info or different information saved within the compromised surroundings.
CareCloud stated the cybersecurity incident was restricted to its CareCloud Well being surroundings and “didn’t have an effect on different platforms, divisions, programs, information or environments”.
The corporate’s evaluation on the time of the submitting was that the incident didn’t have a cloth affect and that any potential losses needs to be lined by cyberinsurance.
The cyberattack was reported to the SEC because of the sensitivity of the possibly compromised info and the doable penalties of the incident, similar to reputational injury, authorized and regulatory necessities, and incident response prices.
“All affected programs have been totally restored, and the Firm believes that the menace actor not has any entry to the identical,” CareCloud said.
No identified ransomware group seems to have taken credit score for an assault on CareCloud on the time of writing, but when it was certainly a profit-driven cybercrime gang it could solely identify the corporate on its leak web site after it deems that negotiations have failed or stalled.
SecurityWeek has reached out to the corporate for extra particulars.
Associated: European Fee Experiences Cyber Intrusion and Knowledge Theft
Associated: Hightower Holding Knowledge Breach Impacts 130,000
Associated: Extortion Group Claims It Hacked AstraZeneca
Associated: HackerOne Worker Knowledge Uncovered in Large Navia Breach
