CareCloud confirmed that hackers got into one of its systems that stores electronic health records on March 16 and stayed inside for more than eight hours before the company says the intrusion was contained. The healthcare software company has not said whether any data was taken.
The incident matters because CareCloud serves more than 45,000 providers and supports millions of patients. In a filing with the U.S. Securities and Exchange Commission, the company said the breach was limited to a single environment and did not affect its other systems or platforms.
CareCloud has brought in outside cybersecurity experts as the investigation continues, but it has not identified what information, if any, may have been exposed. The company operates multiple environments where patient records are stored, and healthcare systems can hold names, Social Security numbers and medical histories, making even a contained attack a serious event.
The case lands in a sector still rattled by major cyber disruptions, including the Change Healthcare ransomware attack, which showed how quickly an intrusion can ripple through hospitals, doctors and patients. Public records also suggest much of CareCloud’s infrastructure relies on Amazon Web Services, a reminder that a single compromised environment can sit inside a much larger digital network.
For now, the unanswered question is not whether CareCloud was targeted. It was. The question is whether the hackers saw or carried away anything from the records system before the company shut the door.