Wednesday, February 21, 2024

Nextgen Healthcare Hacked – Over 1 Million Customers’ Data Exposed

NextGen Healthcare, which has its headquarters in Atlanta, Georgia, is a company that develops and markets software for the management of electronic health data and offers practice management services to medical practitioners.

The Office of the Maine Attorney General has released a Data breach notification that mentions NextGen Healthcare, Inc. 

The notification has provided the breach information that denotes data of nearly 1 million customers has been breached by an unauthorized party in which 3913 residents belong to Maine.

Threat actors have used stolen client credentials obtained from another stolen source to gain access to the NextGen database. The data stolen by the attackers are claimed to have the “Social Security Number” of customers.

As per the notification, the breach occurred between the 29th of March, 2023, and the 14th of April, 2023. However, the breach was discovered nearly 10 days later (24th April 2023). 

This breach was submitted to the authorities through the “Sheppard Mullin Richter and Hamptom LLP” firm. According to the Office of the Maine Attorney General, NextGen offers threat protection services as part of their Individual Notification Letter.

“NextGen Healthcare is offering you 24 months of free fraud detection and identity theft protection through Experian’s® IdentityWorks℠ product.“ reads the letter released by NextGen as part of this breach.

NextGen stated that even though there is no evidence that the stolen personal information has been used for criminal activities, they are ready to offer 24 months of free identity monitoring, fraud consultation, and identity theft restoration service through Experian’s IdentityWorks Program.

Further information regarding this data breach is still unconfirmed, and the Forensic investigation is still under process.

According to reports, the ALPHV ransomware organization, also known as BlackCat, claimed responsibility for a ransomware attack against NextGen in January of this year.

Struggling to Apply The Security Patch in Your System? – 
Try All-in-One Patch Manager Plus


Latest articles

Beware of VietCredCare Malware that Steals businesses’ Facebook Accounts

A new cybersecurity threat targeting Facebook advertisers in Vietnam, known as VietCredCare, has emerged....

Google Chrome 122 Update Addresses Critical Security Vulnerabilities

Google has recently unveiled Chrome 122, a significant milestone for the widely used web...

New Malicious PyPI Packages Use DLL Sideloading In A Supply Chain Attack

Researchers have discovered that threat actors have been using open-source platforms and codes for...

New Mingo Malware Attacking Linux Redis Servers To Mine Cryptocurrency

The malware, termed Migo by the creators, attempts to infiltrate Redis servers to mine cryptocurrency on...

Security Onion 2.4.50 Released for Defenders With New Features

Security Onion Solutions has recently rolled out the latest version of its network security...

VMware Urges to Remove Enhanced EAP Plugin to Stop Auth & Session Hijack Attacks

VMware has issued an urgent advisory to administrators to remove a deprecated authentication plugin...

LockBit Ransomware Members Charged by Authorities, Free Decryptor Released

In a significant blow to one of the most prolific ransomware operations, authorities from...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Live Account Takeover Attack Simulation

Live Account Take Over Attack

Live Webinar on How do hackers bypass 2FA ,Detecting ATO attacks, A demo of credential stuffing, brute force and session jacking-based ATO attacks, Identifying attacks with behaviour-based analysis and Building custom protection for applications and APIs.

Related Articles