[ad_1]
NextGen Healthcare, a U.S.-based supplier of electronic well being file software program, admitted that hackers breached its techniques and stole the non-public information of greater than 1 million sufferers.
In a information breach notification filed with the Maine legal professional common’s workplace, NextGen Healthcare confirmed that hackers accessed the non-public information of 1.05 million sufferers, together with roughly 4,000 Maine residents. In a letter despatched to these affected, NextGen Healthcare mentioned that hackers stole sufferers’ names, dates of delivery, addresses and Social Security numbers.
“Importantly, our investigation has revealed no evidence of any access or impact to any of your health or medical records or any health or medical data,” the corporate added. It’s not but recognized whether or not NextGen Healthcare has the means, similar to logs, to find out what information was exfiltrated and firm spokesperson Tami Andrade didn’t instantly reply to TechCrunch’s questions.
In its submitting with Maine’s AG, NextGen Healthcare mentioned it was alerted to suspicious exercise on March 30, and later decided that hackers had entry to its techniques between March 29 and April 14, 2023. The notification says that the attackers gained entry to its NextGen Office system — a cloud-based EHR and apply administration resolution — utilizing shopper credentials that “appear to have been stolen from other sources or incidents unrelated to NextGen”.
NextGen was additionally the sufferer of a ransomware assault in January this 12 months, based on stories, which was claimed by the ALPHV ransomware gang, also called BlackCat. An inventory on ALPHV’s darkish net leak website, seen by TechCrunch, reveals samples of the stolen information, together with worker names, addresses, telephone numbers, and passport scans.
News of NextGen’s newest breach comes because the variety of sufferers’ impacted by the mass ransomware assault focusing on prospects who used Fortra’s GoAnywhere file-transfer software program continues to develop. Flordia-based know-how firm NationBenefits confirmed final week that greater than 3 million members had information stolen within the cyberattack, whereas Brightline, a digital remedy supplier for kids, mentioned that greater than 960,000 of the corporate’s pediatric psychological well being sufferers had information stolen.