Article Details

DocGo discloses cyberattack after hackers steal patient health data. Mobile medical care firm DocGo confirmed it suffered a cyberattack after threat actors breached its systems and stole patient health data. DocGo is a healthcare provider that offers mobile health services, ambulance services, and remote monitoring for patients in thirty US states and across the United Kingdom. In a Tuesday evening FORM 8-K filing filed with the SEC, DocGo warned that they recently suffered a cyberattack and are working with third-party cybersecurity experts to assist in the investigation. "Promptly after detecting unauthorized activity, the Company took steps to contain and respond to the incident, including launching an investigation, with assistance from leading third-party cybersecurity experts, and notifying relevant law enforcement," reads the DocGo SEC filing. While the Company did not share how they responded to the incident, organizations commonly shut down their IT systems after detecting a breach to prevent the spread of the attack.  As part of DocGo's investigation, it was determined that the hackers stole protected health information from a "limited number of healthcare records" for the Company's US-based ambulance transportation business. DocGo is actively reaching out to individuals whose data was compromised in the attack. The Company stresses that no other business units have been affected and that they have found no evidence of continued unauthorized access. DocGo says that they do not believe the attack will have a material impact on the Company's operations and finances. No threat actors have claimed responsibility for the breach, but if it was a ransomware attack and a ransom is not paid, we will likely see the stolen data used as leverage in the future to extort DocGo. BleepingComputer contacted DocGo to learn how many people were affected by the breach but a reply was not immediately available.