Mobile medical service DocGo confirms it suffered a major cyberattack

Red padlock open on electric circuits network dark red background
(Image credit: Shutterstock/Chor muang)

On-demand medical transportation and telemedicine company DocGo has said it recently suffered a cyberattack which resulted in the theft of some sensitive, health-related data.

In an 8-K form filed with the Securities and Exchange Commission (SEC), the company said it recently identified a cybersecurity incident “involving certain parts of the company’s systems.” 

As soon as it spotted the attack, the company did the usual: launched an investigation, brought in external cybersecurity experts for analysis and forensics, and notified relevant authorities. Whether or not it was forced to shut down its systems, and thus disrupt its day-to-day operations, is unknown at this time. 

Ongoing investigation

The subsequent investigation determined that the attackers did access, and exfiltrate, some information from the company’s IT infrastructure, “including certain protected health information from a limited number of healthcare records within the company’s U.S.-based ambulance transportation business.” 

So far, we don’t know exactly what kind of health information was taken, or how many people are affected. DocGo did say that it started notifying the victims. 

Since the investigation is still ongoing, results may vary, but so far there is no evidence of other business units being affected by the breach, no evidence of the attackers still lingering on the network, no evidence of the stolen data being abused in the wild, and no evidence of the incident having a material impact on the company. 

Since hacking groups are yet to take responsibility for this attack, we don’t know if this was a ransomware incident, or a simple data smash-and-grab. In recent times, ransomware operators have started abandoning the encryption part of the attack, and started focusing solely on data exfiltration. Apparently, developing, maintaining, and deploying an encryptor is too expensive and too cumbersome. Demanding money in exchange for the data seems lucrative enough. 

Via BleepingComputer

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
ID theft
Over a million patients potentially hit after another US healthcare provider hit by cyberattack
security
Ransomware gangs allegedly hit two major US healthcare firms, 300,000 patients have data stolen
ransomware avast
The biggest addiction treatment provider in the US says it was hit by data breach
healthcare
Over a million clinical records exposed in data breach
Data breach
Top medical billing firm says data breach hit 360,000 users
Lock on Laptop Screen
United Healthcare data breach may have affected 190 million Americans
Latest in Security
Isometric demonstrating multi-factor authentication using a mobile device.
NCSC gets influencers to sing the praises of 2FA
Sam Altman and OpenAI
OpenAI is upping its bug bounty rewards as security worries rise
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Dangerous new CoffeeLoader malware executes on your GPU to get past security tools
China
Notorious Chinese hackers FamousSparrow allegedly target US financial firms
A digital representation of a lock
NYU website defaced as hacker leaks info on a million students
NHS
NHS IT supplier hit with major fine following ransomware attack
Latest in News
Nintendo Switch 2 Joy-Con up-close from app store
Nintendo's new app gave us another look at the Switch 2, and there's something different with the Joy-Con
cheap Nintendo Switch game deals sales
Nintendo didn't anticipate that Mario Kart 8 Deluxe was 'going to be the juggernaut' for the Nintendo Switch when it was ported to the console, according to former employees
Three angles of the Apple MacBook Air 15-inch M4 laptop above a desk
Apple MacBook Air 15-inch (M4) review roundup – should you buy Apple's new lightweight laptop?
Witchbrook
Witchbrook, the life-sim I've been waiting years for, finally has a release window and it's sooner than you think
Close up of Leica M11-P viewfinder
I wince at the prospect of the rumored Leica M11-V – here's why
Amazon Echo Smart Speaker
Amazon is experimenting with renaming Echo speakers to Alexa speakers, and it's about time