CareCloud disclosed a cybersecurity incident on March 16, 2026, involving unauthorized access to an electronic health record (EHR) environment. The network disruption lasted approximately eight hours before the company restored systems.
The healthcare technology provider serves more than 45,000 healthcare providers. In a March 27 SEC filing, the company confirmed the compromised system stores sensitive patient information.
CareCloud is currently investigating the extent of the data access or theft. While operations remain unaffected, the company deemed the event material due to potential remediation, legal, and regulatory costs.
External cybersecurity experts are assisting with the investigation. The company has also notified law enforcement.