"Security, in all its forms, is a top priority for NextGen Healthcare. When we learned of the incident, we took steps to investigate and remediate, including working together with leading outside cybersecurity experts and notifying law enforcement. The individuals known to be impacted by this incident were notified on April 28, 2023, and we have offered them 24 months of free fraud detection and identity theft protection," company spokesperson Tami Andrade stated.

In regards to the information compromised in the data breach, the company confirms that their “investigation has revealed no evidence of any access or impact to any of your health or medical records or any health or medical data.” However, on being asked if the company has any means, such as records, to ascertain what data has been exfiltrated, Andrade declined to respond.

While reporting the issue to the Maine attorney general’s office, the firm noted that it was alerted of the suspicious activities on March 30. They further discovered that hackers had gained access to its networks between March 29 and April 14, 2023. According to the notification, the attackers used client credentials that "appear to have been stolen from other sources or incidents unrelated to NextGen" to log into its NextGen Office system, a cloud-based EHR and practice management solution.

Prior to this incident, in January, NextGen had witnessed a ransomware attack, reportedly conducted by the ALPHV ransomware gang (also known as BlackCat). Fragments of data stolen in the attack, such as employee names, addresses, phone numbers, and passport scans were apparently seen listed on ALPHV’s dark web leak site.