Hospital Tech giant NextGen Healthcare produces electronic health record software and practice management systems for the biggest hospitals in the U.S., U.K., Canada, and India. The company reports that hackers accessed the personal information during a cyberattack in March. The company claims that no patient treatment data was affected, but personally identifiable information, such as names, addresses, and social security numbers, was potentially exposed.
Why It Matters: The breach of personal information, including social security numbers, addresses, and birthdates, can lead to identity theft and other financial crimes. Tom Kellerman, a former Obama Administration cybersecurity official, stated healthcare providers are continually targeted by identity theft because many have “woeful inadequate cybersecurity”.
- “This is a massive cybercrime which will result in widespread identity theft,” said Tom Kellerman, former Obama administration cybersecurity official.
- The data breach affected more than one million people and was caused by a third-party software vendor.
- The breach occurred when hackers gained access to an employee email account in November 2020, and it was discovered in January 2021.
- The company claims that no financial information or medical records were affected.