CareCloud reports EHR breach

New Jersey-based healthcare software company CareCloud has notified the SEC about a security incident that caused network disruption on March 16. CareCloud is a business associate of hospitals and physician practices and works with more than 45,000 providers. The company provides software solutions, including EHRs, and it was its electronic health record environment that was subject to unauthorized access. According to the SEC filing, a hacker gained access to one of its six electronic health record environments for a period of around 8 hours, partially disrupting functionality and data access. CareCloud was able to fully restore the environment on March 16, 2026. CareCloud believes that the threat actor no longer has access to its systems. Initially, the incident was reported to law enforcement, its cyber insurer was notified, and third-party cybersecurity specialists were engaged to assist with the investigation and help with securing its environment. When it became clear that this was a material incident due to the sensitivity of the data stored within the compromised environment and the potential cost of a data breach, the SEC was notified. CareCloud believes that the incident was contained in the one CareCloud Health environment, and no other business systems were involved. The investigation to determine the nature and scope of the unauthorized activity is ongoing, including the extent to which patient data was accessed or exfiltrated, and the categories of and volume of data involved.