Cloud-Based EHR Vendor Notifies SEC About Hacking Incident

CareCloud: Intruder Accessed Systems for 8 Hours, Still Assessing Extent of Breach Marianne Kolbasuk McGee (HealthInfoSec) • March 30, 2026

Cloud-based electronic health records vendor CareCloud has notified the U.S. Securities and Exchange Commission of a cyber incident earlier this month that temporarily disrupted the software and accessed one of its EHR environments. The company is assessing whether patient data was accessed or stolen.

See Also: The End of Plausible Deniability: Data Privacy Compliance in 2026

Somerset, New Jersey-based CareCloud, which generated $120.5 million in revenue in 2025, told the SEC on Friday that it suffered a network disruption on March 16 for about eight hours that affected the functionality and access to one of its six EHR environments ...