Healthcare IT Platform CareCloud Probing Potential Data Breach

Healthcare technology solutions provider CareCloud (Nasdaq: CCLD) has disclosed a cybersecurity incident that may have resulted in patient information compromise. CareCloud is a New Jersey-based publicly traded company that offers cloud-based software solutions to medical practices, clinics, and hospitals, including for electronic health records, revenue cycle management, practice management, and patient engagement. In a March 27 filing with the SEC, the company said its network was temporarily disrupted on March 16 due to a cybersecurity incident. Functionality and data access to one of its six electronic health record environments was affected for roughly 8 hours. The investigation into the incident is ongoing, with CareCloud attempting to determine whether the hacker accessed or exfiltrated any of the patient information or other data stored in the compromised environment. CareCloud said the cybersecurity incident was limited to its CareCloud Health environment and “did not affect other platforms, divisions, systems, data or environments”.  The company’s assessment at the time of the filing was that the incident did not have a material impact and that any potential losses should be covered by cyberinsurance.  The cyberattack was reported to the SEC due to the sensitivity of the potentially compromised information and the possible consequences of the incident, such as reputational damage, legal and regulatory requirements, and incident response costs. “All affected systems have been fully restored, and the Company believes that the threat actor no longer has any access to the same,” CareCloud stated. No known ransomware group appears to have taken credit for an attack on CareCloud at the time of writing, but if it was indeed a profit-driven cybercrime gang it may only name the company on its leak website after it deems that negotiations have failed or stalled. SecurityWeek has reached out to the company for additional details. Related: European Commission Reports Cyber Intrusion and Data Theft Related: Hightower Holding Data Breach Impacts 130,000 Related: Extortion Group Claims It Hacked AstraZeneca Related: HackerOne Employee Data Exposed in Massive Navia Breach WRITTEN BY Eduard Kovacs Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering. More from Eduard Kovacs CISA Flags Critical PTC Vulnerability That Had German Police Mobilized Alleged RedLine Malware Administrator Extradited to US Dell and HP Roll Out Quantum-Resistant Device Security Russian Cybercriminal Gets 2-Year Prison Sentence in US  US Prisons Russian Access Broker for Aiding Ransomware Attacks HackerOne Employee Data Exposed in Massive Navia Breach Stryker Says Malicious File Found During Probe Into Iran-Linked Attack M-Trends 2026: Initial Access Handoff Shrinks From Hours to 22 Seconds Latest News Silent Drift: How LLMs Are Quietly Breaking Organizational Access Control Huskeys Emerges From Stealth With $8 Million in Funding Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit European Commission Reports Cyber Intrusion and Data Theft Hacked Hospitals, Hidden Spyware: Iran Conflict Shows How Digital Fight Is Ingrained in Warfare Telnyx Targeted in Growing TeamPCP Supply Chain Attack Exploitation of Fresh Citrix NetScaler Vulnerability Begins FBI Confirms Kash Patel Email Hack as US Offers $10M Reward for Hackers Trending Webinar: Securing Fragile OT In An Exposed World March 10, 2026 Get a candid look at the current OT threat landscape as we move past "doom and gloom" to discuss the mechanics of modern OT exposure. Register Webinar: Why Automated Pentesting Alone Is Not Enough April 7, 2026 Join our live diagnostic session to expose hidden coverage gaps and shift from flawed tool-level evaluations to a comprehensive, program-level validation discipline. Register People on the Move Moderna has promoted Farzan Karimi to Deputy Chief Information Security Officer. Brian Goldfarb has been appointed Chief Marketing Officer at SentinelOne. Token has appointed Katy Nelson as Chief Revenue Officer. More People On The Move Expert Insights Why Agentic AI Systems Need Better Governance – Lessons From OpenClaw Agentic AI platforms are shifting from passive recommendation tools to autonomous action-takers with real system access, (Etay Maor) The Human IOC: Why Security Professionals Struggle With Social Vetting Applying SOC-level rigor to the rumors, politics, and 'human intel' can make or break a security team. (Joshua Goldfarb) How To 10x Your Vulnerability Management Program In The Agentic Era The evolution of vulnerability management in the agentic era is characterized by continuous telemetry, contextual prioritization and the ultimate goal of agentic remediation. (Nadir Izrael) SIM Swaps Expose A Critical Flaw In Identity Security SIM swap attacks exploit misplaced trust in phone numbers and human processes to bypass authentication controls and seize high-value accounts. (Torsten George) Four Risks Boards Cannot Treat As Background Noise The goal isn’t about preventing every attack but about keeping the business running when attacks succeed. (Steve Durbin) Flipboard Reddit Whatsapp Email