Over 1 Million NextGen Healthcare Patients Data Exposed in Recent Security Breach
Table of Contents
- By Steven
- May 19, 2023
NextGen Healthcare is an Atlanta-based healthcare services company that helps hospitals and health practices manage health record data electronically. The company was founded in 1973 and manages data for millions of different patients throughout the United States. With so many patients relying on the same service, this company is a huge security vulnerability since it suffered from a major data breach.
How Did the Attack Occur?
According to the officials looking into the NextGen Healthcare data breach, the attack was possible because credentials for an important individual were taken from a different service and used at NExtGen Healthcare. This is known as credential stuffing, and this tactic has been used by attackers to access an array of different services over time. The hackers got into the system on March 29 and remained inside until April 14, 2023, when they were finally blocked out. During that time, the attackers were able to gather personal data for over 1 million patients with records stored with NextGen Healthcare services.
What Information Was Viewed or Stolen?
During the attack on NextGen Healthcare, just enough data was stolen from patients to be harmful. The attack resulted in the loss of first and last names, birth dates, Social Security numbers, and home addresses for patients. There is no indication that healthcare information specifically was lost to this data breach. Even without healthcare information or insurance information, there is enough personal data released in this breach to be harmful to anyone exposed by the breach. If you believe you were hit by this breach, you should start watching for suspicious activities on your credit report so you can resolve the problems effectively.
How Did NextGen Healthcare Admit to the Breach?
NextGen Healthcare sent a statement to the Maine Attorney General and also began sending out individual notices to everyone involved with this breach. The notes explain what dates the breach was possible as well as how much information was put at risk by the breach overall. The notices are brief, but they give just enough data to help you understand what happened.
What Will Become of the Stolen Information?
The data stolen from patients at NextGen Healthcare is likely to be used for identity theft purposes. The attackers will leverage that information to open fraudulent accounts using the patient information and to spend money in the name of some of these individuals.
What Should Affected Parties Do in the Aftermath of the Breach?
If you receive a notice from NextGen Healthcare letting you know that your data may have been released to the attackers from this data breach, you should take immediate action to protect yourself. Start by looking at your credit reports for any strange activity. Consider investing in credit monitoring or identity theft protection services and use them to watch for any strange activity on your credit history that you should be worried about. If you notice anything strange happening, you can immediately put a freeze on your credit and reach out to the companies involved letting them know that fraudulent accounts have been opened in your name.