HQ/EMEAFind out how we can help your business
The mobile medical care firm DocGo revealed that it had suffered a cyberattack in which the attackers had successfully infiltrated its servers, resulting in stealing patient health information.
The compromised entity is a healthcare firm that provides mobile health services, ambulance services, and remote monitoring to patients in the United Kingdom and numerous states in the US.
DocGo confirmed the cybersecurity incident that impacted its data after filing the FORM 8-K earlier this week.
Based on reports, DocGo warned its patients that it had experienced a cyberattack earlier this week. Moreover, they assured everyone they had already contacted a third-party security solutions provider to help them investigate and assess the situation.
The SEC filing also revealed that the company immediately deployed mitigation measures after detecting the unauthorised activity. In addition, they instantly launched an investigation, with help from third-party cybersecurity experts, and notified relevant law enforcement agencies.
However, the company did not disclose how they actually responded to the incident. Still, some researchers claim that these impacted firms typically shut down their IT systems after discovering a security breach to prevent the intruders from reaching additional parts of their infrastructure.
As part of DocGo’s investigation, it was found that the attack’s perpetrators had stolen their protected health information from a limited number of healthcare records for their US-based ambulance transportation service.
Hence, the company is now aggressively contacting individuals who the threat actors’ activity may have possibly impacted. Furthermore, the company emphasises that the cyberattack has not affected other business units and that there is no evidence of ongoing illicit access.
Subsequently, DocGo claims they do not expect the incident to impact their operations and finances significantly. On the other hand, no threat actors have claimed responsibility for the breach. Still, researchers explained that if the attack was a ransomware campaign and the ransom was not paid, the stolen data would most likely be used to extort DocGo.
This healthcare provider has yet to provide more details about the incident. Therefore, potentially affected individuals should wait for further announcements while DocGo investigates the incident.
