NextGen Healthcare is a cloud-based health services company that helps doctor's offices and hospitals manage patient records remotely. The provider is essential to many healthcare providers today, but the service offered by NextGen requires it to house some very important data. This data has been put at risk by a recent data breach impacting NextGen patients.
According to the team that analyzed the data breach at NextGen Healthcare, the attackers used credentials obtained on a different service to access NextGen Healthcare files. We suspect that the attacker was able to breach a different system that contained many emails and passwords and that those credentials were put into the NextGen Healthcare admin control panel until one finally worked, enabling the attackers a way into the confidential files and data records for the company. We don't know if that's actually how the breach was possible, but more attackers are relying on this tactic known as credential stuffing today than ever before.
This NextGen Healthcare data breach occurred between March 29 and April 14 of 2023. Over the weeks that the breach was an issue, data for more than 1 million different patients were exposed to hackers.
This NextGen Healthcare data breach impacts patients that have their data stored with the healthcare company specifically. If you work with a doctor's office or hospital that relies on NextGen Healthcare, your patient data may be at risk.
We have no final numbers of the NextGen Healthcare files impacted by this data breach. We only know that more than 1 million patients were impacted by the breach, and we doubt the company will release the total file count from the attack.