Heimdal
article featured image

Contents:

NextGen Healthcare, a U.S.-based provider of electronic health record software, notified its clients that threat actors breached its systems and stole the personal data of more than 1 million patients.

The company reported a data breach to the Maine attorney general’s office, confirming that hackers gained access to the personal information of 1.05 million patients, including about 4,000 people from Maine. NextGen Healthcare claimed in a letter to those impacted that hackers obtained the names, birthdates, residences, and Social Security numbers of patients.

Details And NextGen’s Take on the Breach

Our investigation has revealed no evidence of any access or impact to any of your health or medical records or any health or medical data… Furthermore, there is no evidence to suggest there has been any fraudulent use of the personal information accessed.

NextGen Statement on the Data Breach (Source)

In its filing with Maine’s AG, the company declared that it detected suspicious activity on March 30, and later determined that threat actors had access to its systems between March 29 and April 14, 2023. According to the notification, the attackers gained access to its NextGen Office system – a cloud-based HER and practice management solution – using client credentials that “appear to have been stolen from other sources or incidents unrelated to NextGen.”

TechCrunch reached out to Tami Andrade, NextGen’s spokesperson to gather more information.

When we learned of the incident, we took steps to investigate and remediate, including working together with leading outside cybersecurity experts and notifying law enforcement.

Tami Andrade, NextGen Spokesperson (Source)

Andrade also told TechCrunch that the individuals known to be impacted by the incident were notified on April 28, 2023. They also received 24 months of free fraud detection and identity theft protection “as a precautionary measure”.

Similar to Maine, the attack was also reported in the state of Texas on May 5th (131,815 residents affected), and Montana (3,343 residents affected).

Not the First Time

This is not the first time the company has been the target of threat actors. Back in January, NextGen was also the victim of a ransomware attack claimed by the ALPHV ransomware gang (also known as BlackCat). The names, residences, phone numbers, and passport scans of employees are among the stolen data samples displayed on a listing on ALPHV’s dark web breach site, which TechCrunch has access to.

If you liked this article, follow us on LinkedIn, Twitter, Facebook, and Youtube, for more cybersecurity news and topics.

Author Profile

Cristian Neagu

CONTENT EDITOR

linkedin icon

Cristian is a Content Editor & Creator at Heimdal®, where he developed a deep understanding of the digital threat landscape. His style resonates with both technical and non-technical readers, proof being in his skill of communicating cybersecurity norms effectively, in an easy-to-understand manner.

CHECK OUR SUITE OF 11 CYBERSECURITY SOLUTIONS

SEE MORE