Healthcare IT provider CareCloud has disclosed a cybersecurity incident that resulted in unauthorized access to sensitive data and a temporary disruption of its systems. The breach, which occurred on March, 2026, affected part of the company’s infrastructure and briefly impacted access to electronic health records. According to a filing with the U.S. Securities and Exchange Commission, the intrusion caused a network disruption within CareCloud’s Health division, limiting functionality in one of its six electronic health record (EHR) environments. The disruption lasted approximately eight hours before the company restored full system access later the same day.
CareCloud confirmed that attackers gained access to its IT environment during the incident. While the breach appears to have been contained to a single EHR system, that environment stores patient health records, raising concerns about potential exposure of sensitive healthcare data. The company has launched a comprehensive investigation to determine the full scope of the incident, including what specific data may have been accessed or exfiltrated. At this stage, the number of affected individuals has not been disclosed.
In response to the breach, CareCloud engaged external cybersecurity specialists, including a cyber response advisory team from a major global consulting firm, to assist with incident containment, system recovery, and forensic analysis. The company also notified its cybersecurity insurance provider as part of its response protocol. CareCloud emphasized that the intrusion was limited in scope and did not impact its other platforms, systems, or operational divisions. It also stated that the threat actor no longer has access to its environment and that all affected systems have been fully restored.
The company is now working to strengthen its security posture, implementing additional safeguards to prevent similar incidents in the future. No ransomware group has publicly claimed responsibility for the attack, and the method of intrusion has not yet been disclosed As a provider of cloud-based healthcare solutions including electronic health records, revenue cycle management, and patient experience platforms CareCloud plays a critical role in managing sensitive medical data. Incidents like this highlight the ongoing challenges healthcare organizations face in protecting patient information amid an increasingly complex threat landscape. The investigation remains ongoing, and further updates are expected as more details about the breach emerge.
Recommended Cyber Technology News :
To participate in our interviews, please write to our CyberTech Media Room at info@intentamplify.com
