NextGen Healthcare, which has its headquarters in Atlanta, Georgia, is a company that develops and markets software for the management of electronic health data and offers practice management services to medical practitioners.
The Office of the Maine Attorney General has released a Data breach notification that mentions NextGen Healthcare, Inc.
The notification has provided the breach information that denotes data of nearly 1 million customers has been breached by an unauthorized party in which 3913 residents belong to Maine.
Threat actors have used stolen client credentials obtained from another stolen source to gain access to the NextGen database. The data stolen by the attackers are claimed to have the “Social Security Number” of customers.
As per the notification, the breach occurred between the 29th of March, 2023, and the 14th of April, 2023. However, the breach was discovered nearly 10 days later (24th April 2023).
This breach was submitted to the authorities through the “Sheppard Mullin Richter and Hamptom LLP” firm. According to the Office of the Maine Attorney General, NextGen offers threat protection services as part of their Individual Notification Letter.
“NextGen Healthcare is offering you 24 months of free fraud detection and identity theft protection through Experian’s® IdentityWorks℠ product.“ reads the letter released by NextGen as part of this breach.
NextGen stated that even though there is no evidence that the stolen personal information has been used for criminal activities, they are ready to offer 24 months of free identity monitoring, fraud consultation, and identity theft restoration service through Experian’s IdentityWorks Program.
Further information regarding this data breach is still unconfirmed, and the Forensic investigation is still under process.
According to reports, the ALPHV ransomware organization, also known as BlackCat, claimed responsibility for a ransomware attack against NextGen in January of this year.
Struggling to Apply The Security Patch in Your System? –
Try All-in-One Patch Manager Plus
The Evasive Panda group deployed a new C# framework named CloudScout to target a Taiwanese…
Researchers warn of ongoing spear-phishing attacks by Russian threat actor Midnight Blizzard targeting individuals in…
The Ukrainian Cyber Emergency Response Team discovered a targeted phishing campaign launched by UAC-0215 against…
Researchers have identified a network of compromised devices, CovertNetwork-1658, used by Chinese threat actors to…
A security researcher discovered a vulnerability in Windows theme files in the previous year, which…
The ongoing Meta malvertising campaign, active for over a month, employs an evolving strategy to…