CyberHappenings logo
Home Browse Watchlists Experimental About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

Patient data exposure at CareCloud Health following March 2026 intrusion

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

A healthcare IT provider, CareCloud Health, experienced a cyber intrusion on March 16, 2026, resulting in an eight-hour network disruption and unauthorized access to one of six electronic health record (EHR) environments containing patient data. The incident was detected the same day, contained the same evening, and involved a single SaaS-based EHR environment among CareCloud’s six production environments. Investigation is ongoing to determine the scope of data access and potential exfiltration. The attacker’s access was removed, all systems were restored, and external cybersecurity experts are assisting in remediation and hardening efforts. No public ransomware group has claimed responsibility for the intrusion at this time.

Timeline

  1. 31.03.2026 00:44 1 articles · 3h ago

    Unauthorized access to CareCloud Health EHR environment on March 16, 2026

    On March 16, 2026, CareCloud Health’s IT infrastructure was accessed by an unauthorized actor. The intrusion led to an eight-hour disruption affecting one of six electronic health record environments containing patient data. The environment was contained and restored the same day. CareCloud engaged external cybersecurity experts to conduct forensic analysis and enhance security controls. Investigation is ongoing to determine accessed and/or exfiltrated data types and impacted individuals.

    Show sources
    Open in new tab

Information Snippets

  • CareCloud Health, a healthcare IT SaaS provider based in New Jersey, disclosed an intrusion affecting one of six EHR environments on March 16, 2026.

    First reported: 31.03.2026 00:44
    1 source, 1 article
    Show sources

  • The intrusion caused an eight-hour network disruption and unauthorized access to a single EHR environment before being fully contained and restored the same day.

    First reported: 31.03.2026 00:44
    1 source, 1 article
    Show sources

  • CareCloud confirmed that one EHR environment containing patient health records was compromised, but did not specify how many individuals were impacted as the investigation into accessed and/or exfiltrated data types is ongoing.

    First reported: 31.03.2026 00:44
    1 source, 1 article
    Show sources

  • CareCloud reported the incident to its cybersecurity carrier and engaged a Big Four accounting firm’s cyber response advisory team to conduct a forensic investigation and assist with remediation and security hardening.

    First reported: 31.03.2026 00:44
    1 source, 1 article
    Show sources

  • The company stated that no other platforms, divisions, systems, or environments were impacted and that the attacker no longer has access to its database.

    First reported: 31.03.2026 00:44
    1 source, 1 article
    Show sources