Nextgen Healthcare Hacked – Over 1 Million Customers’ Data Exposed

NextGen Healthcare, which has its headquarters in Atlanta, Georgia, is a company that develops and markets software for the management of electronic health data and offers practice management services to medical practitioners.

The Office of the Maine Attorney General has released a Data breach notification that mentions NextGen Healthcare, Inc. 

The notification has provided the breach information that denotes data of nearly 1 million customers has been breached by an unauthorized party in which 3913 residents belong to Maine.

Threat actors have used stolen client credentials obtained from another stolen source to gain access to the NextGen database. The data stolen by the attackers are claimed to have the “Social Security Number” of customers.

As per the notification, the breach occurred between the 29th of March, 2023, and the 14th of April, 2023. However, the breach was discovered nearly 10 days later (24th April 2023). 

This breach was submitted to the authorities through the “Sheppard Mullin Richter and Hamptom LLP” firm. According to the Office of the Maine Attorney General, NextGen offers threat protection services as part of their Individual Notification Letter.

“NextGen Healthcare is offering you 24 months of free fraud detection and identity theft protection through Experian’s® IdentityWorks℠ product.“ reads the letter released by NextGen as part of this breach.

NextGen stated that even though there is no evidence that the stolen personal information has been used for criminal activities, they are ready to offer 24 months of free identity monitoring, fraud consultation, and identity theft restoration service through Experian’s IdentityWorks Program.

Further information regarding this data breach is still unconfirmed, and the Forensic investigation is still under process.

According to reports, the ALPHV ransomware organization, also known as BlackCat, claimed responsibility for a ransomware attack against NextGen in January of this year.

Struggling to Apply The Security Patch in Your System? – 
Try All-in-One Patch Manager Plus

Gurubaran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Recent Posts

XSS Vulnerability in Bing.com Let Attackers Send Crafted Malicious Requests

A significant XSS vulnerability was recently uncovered in Microsoft’s Bing.com, potentially allowing attackers to execute…

1 hour ago

Meta Removed 2 Million Account Linked to Malicious Activities

 Meta has announced the removal of over 2 million accounts connected to malicious activities, including…

5 hours ago

Veritas Enterprise Vault Vulnerabilities Lets Attackers Execute Arbitrary Code Remotely

Critical security vulnerability has been identified in Veritas Enterprise Vault, a widely-used archiving and content…

5 hours ago

7-Zip RCE Vulnerability Let Attackers Execute Remote Code

A critical security vulnerability has been disclosed in the popular file archiving tool 7-Zip, allowing…

6 hours ago

Massive Credit Card Leak, Database of 1,221,551 Cards Circulating on Dark Web

A massive data breach has sent shockwaves across the globe, as a database containing sensitive…

7 hours ago

Nearest Neighbor Attacks: Russian APT Hack The Target By Exploiting Nearby Wi-Fi Networks

Recent research has revealed that a Russian advanced persistent threat (APT) group, tracked as "GruesomeLarch"…

2 days ago