cyber daily logo

Breaking news and updates daily. Subscribe to our Newsletter

Breaking news and updates daily. Subscribe to our Newsletter X facebook linkedin Instagram Instagram

1m customers affected in NextGen Healthcare data breach

A US-based cloud health records provider has sent out data breach notifications to more than 1 million people.

user icon David Hollingworth
Tue, 09 May 2023
1m customers affected in NextGen Healthcare data breach
expand image

NextGen Healthcare provides records management services to a range of medical practices, as well as a raft of other services to the healthcare industry. Given that the company works with healthcare professionals as a third-party service, it’s not likely a company name well known outside of those circles.

But that has certainly changed for the 1,049,375 people who were notified of the breach at the end of April.

NextGen filed a breach report with the Office of the Maine Attorney General on 5 May, after sending out the above breach notices on 28 April. The breach itself was discovered by the company on 24 April and occurred over a matter of weeks in May and April.


“On March 30, 2023, we were alerted to suspicious activity on our NextGen Office system. In response, we launched an investigation with the help of third-party forensic experts,” the letter read. “We also took measures to contain the incident, including resetting passwords, and contacted law enforcement.”

However, further investigation revealed the full extent of the breach.

“Based on our in-depth investigation to date, supported by our external experts, it appears that an unknown third-party gained unauthorised access to a limited set of electronically stored personal information between March 29, 2023 and April 14, 2023,” it said.

The affected data included names and addresses, dates of birth, and social security numbers.

According to NextGen’s breach report, the threat actors were able to gain access to its systems via “stolen client credentials that appear to have been stolen from other sources or incidents unrelated to NextGen”.

NextGen has offered victims 24 months of free fraud detection by way of compensation.

This is the second cyber incident that NextGen has dealt with this year. In January, the BlackCat ransomware group claimed responsibility for a successful attack on the company, and while NextGen denied any data was affected, BlackCat said otherwise.

“We immediately contained the threat, secured our network and have returned to normal operations,” a NextGen spokesperson said at the time. “Our forensic review is ongoing, and, to date, we have not uncovered any evidence of access to or exfiltration of client or patient data.”

However, BlackCat responded by posting a sample of the data it claims to have stolen.

NextGen has stated that it does not believe that the two attacks were linked.

David Hollingworth

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.

cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.