CareCloud said hackers accessed one of its systems that stores electronic health records for more than eight hours on March 16, then contained the incident to a single environment and brought in outside cybersecurity experts.
The company, which serves more than 45,000 providers and supports millions of patients, has not said whether any data was taken or what information may have been involved. In a filing with the U.S. Securities and Exchange Commission, CareCloud said the intrusion was limited to one environment and did not affect its other systems or platforms.
The disclosure adds another example to a healthcare sector that continues to face repeated breaches, with patient data among the most valuable targets. Public records suggest much of CareCloud's infrastructure relies on Amazon Web Services, underscoring how widely the company spreads the systems that hold patient records.
Read Also: Data Breach: CareCloud confirms March 16 intrusion into health records system
The unanswered question is not whether the breach happened — CareCloud has already confirmed that much — but whether the hackers left with anything from the records system before the company shut the access down.
