Shadow sites are already preparing price tags for fresh archives.
CareCloud Company faced an incident that for several hours disrupted the work of the medical infrastructure and forced the company to urgently understand the possible leakage of patients’ data. The failure was short-lived, but the consequences can be much more serious.
The company has announced to the Securities and Exchange Commission (SEC) on unauthorized access to one of the six environments of electronic medical records, which occurred on March 16. As a result, some of the functions and access to data were not available for about eight hours. The system was restored in the evening of the same day. CareCloud has attracted external specialists to respond to cyber incidents, notified the insurance company and handed over information to law enforcement agencies.
According to the company, the attack affected only one environment in the CareCloud Health division. The remaining platforms, systems and data were not affected. At the same time, the affected environment contains information about patients, so now the team assesses whether the attacker has access to this data and whether their unloading them could occur. The volume and categories of possible leakage are also specified. At the moment, the access of the offender is already closed, work is underway to eliminate the consequences.
It is noteworthy that on the same day, March 16, there was a failure in another medical organization - Vanderbilt University Medical Center, but no communication between the two events was found. Representatives of the medical center reported that the reason was technical in nature and is not related to cyber attack or extortional software. Open sources mentioned possible problems with Epic or software updates.
CareCloud provides cloud solutions, revenue management systems and other services for medical organizations across the United States. According to the results of 2024, the company served about 40 thousand specialists and about 2600 private clinics and hospitals.
The incident fits into the growing trend of attacks on suppliers of technology and health services. Such cases have already affected companies like Stryker and Masimo, showing that the vulnerability of contractors can disrupt the entire industry.
CareCloud said the incident had no significant impact on operational activities. At the same time, the company considers the situation significant due to the sensitivity of medical data and possible legal, regulatory and reputational consequences. If the verification confirms access to or leaks of information, the company may disclose additional details and notify the affected users.
CareCloud Company faced an incident that for several hours disrupted the work of the medical infrastructure and forced the company to urgently understand the possible leakage of patients’ data. The failure was short-lived, but the consequences can be much more serious.
The company has announced to the Securities and Exchange Commission (SEC) on unauthorized access to one of the six environments of electronic medical records, which occurred on March 16. As a result, some of the functions and access to data were not available for about eight hours. The system was restored in the evening of the same day. CareCloud has attracted external specialists to respond to cyber incidents, notified the insurance company and handed over information to law enforcement agencies.
According to the company, the attack affected only one environment in the CareCloud Health division. The remaining platforms, systems and data were not affected. At the same time, the affected environment contains information about patients, so now the team assesses whether the attacker has access to this data and whether their unloading them could occur. The volume and categories of possible leakage are also specified. At the moment, the access of the offender is already closed, work is underway to eliminate the consequences.
It is noteworthy that on the same day, March 16, there was a failure in another medical organization - Vanderbilt University Medical Center, but no communication between the two events was found. Representatives of the medical center reported that the reason was technical in nature and is not related to cyber attack or extortional software. Open sources mentioned possible problems with Epic or software updates.
CareCloud provides cloud solutions, revenue management systems and other services for medical organizations across the United States. According to the results of 2024, the company served about 40 thousand specialists and about 2600 private clinics and hospitals.
The incident fits into the growing trend of attacks on suppliers of technology and health services. Such cases have already affected companies like Stryker and Masimo, showing that the vulnerability of contractors can disrupt the entire industry.
CareCloud said the incident had no significant impact on operational activities. At the same time, the company considers the situation significant due to the sensitivity of medical data and possible legal, regulatory and reputational consequences. If the verification confirms access to or leaks of information, the company may disclose additional details and notify the affected users.