Nextgen Healthcare Hacked – Over 1 Million Customers’ Data Exposed

NextGen Healthcare, which has its headquarters in Atlanta, Georgia, is a company that develops and markets software for the management of electronic health data and offers practice management services to medical practitioners.

The Office of the Maine Attorney General has released a Data breach notification that mentions NextGen Healthcare, Inc. 

The notification has provided the breach information that denotes data of nearly 1 million customers has been breached by an unauthorized party in which 3913 residents belong to Maine.

Threat actors have used stolen client credentials obtained from another stolen source to gain access to the NextGen database. The data stolen by the attackers are claimed to have the “Social Security Number” of customers.

As per the notification, the breach occurred between the 29th of March, 2023, and the 14th of April, 2023. However, the breach was discovered nearly 10 days later (24th April 2023). 

This breach was submitted to the authorities through the “Sheppard Mullin Richter and Hamptom LLP” firm. According to the Office of the Maine Attorney General, NextGen offers threat protection services as part of their Individual Notification Letter.

“NextGen Healthcare is offering you 24 months of free fraud detection and identity theft protection through Experian’s® IdentityWorks℠ product.“ reads the letter released by NextGen as part of this breach.

NextGen stated that even though there is no evidence that the stolen personal information has been used for criminal activities, they are ready to offer 24 months of free identity monitoring, fraud consultation, and identity theft restoration service through Experian’s IdentityWorks Program.

Further information regarding this data breach is still unconfirmed, and the Forensic investigation is still under process.

According to reports, the ALPHV ransomware organization, also known as BlackCat, claimed responsibility for a ransomware attack against NextGen in January of this year.

Struggling to Apply The Security Patch in Your System? – 
Try All-in-One Patch Manager Plus

Gurubaran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Recent Posts

Evasive Panda Attacking Cloud Services To Steal Data Using New Toolkit

The Evasive Panda group deployed a new C# framework named CloudScout to target a Taiwanese…

5 hours ago

Massive Midnight Blizzard Phishing Attack Using Weaponized RDP Files

Researchers warn of ongoing spear-phishing attacks by Russian threat actor Midnight Blizzard targeting individuals in…

6 hours ago

Sophisticated Phishing Attack Targeting Ukraine Military Sectors

The Ukrainian Cyber Emergency Response Team discovered a targeted phishing campaign launched by UAC-0215 against…

6 hours ago

Chinese Hackers Attacking Microsoft Customers With Sophisticated Password Spray Attacks

Researchers have identified a network of compromised devices, CovertNetwork-1658, used by Chinese threat actors to…

6 hours ago

New Windows Zero-Day Vulnerability Let Attackers Steal Credentials From Victim’s Machine

A security researcher discovered a vulnerability in Windows theme files in the previous year, which…

6 hours ago

SYS01 InfoStealer Malware Attacking Meta Business Page To Steal Logins

The ongoing Meta malvertising campaign, active for over a month, employs an evolving strategy to…

6 hours ago