CareCloud Probes March 16 Breach of Electronic Health‑Record System
2h
Developing
1
CareCloud, a U.S. healthcare IT company that supports more than 45,000 medical providers, has disclosed a March 16 security breach in one of its environments that stores electronic health records, according to a filing with the Securities and Exchange Commission. The company says hackers had unauthorized access for more than eight hours before systems were restored the same day and believes the intruders have been removed from its network. CareCloud maintains that the incident was limited to a single environment and did not affect other systems, but investigators have not yet determined whether any patient data was exfiltrated or what types of information might be involved. Because CareCloud underpins back‑office systems many patients never see, security analysts warn that any confirmed data theft could fuel identity theft, insurance fraud and highly targeted scams across the country. The firm has hired outside cybersecurity experts and says its investigation is ongoing, as privacy advocates on social media continue pointing to this and the recent Change Healthcare attack as evidence that critical U.S. health infrastructure remains dangerously exposed.