DocGo, a mobile medical care firm, recently confirmed a cyberattack that resulted in the theft of patient health data. The healthcare provider, which offers mobile health services and ambulance services across thirty US states and the United Kingdom, detected unauthorized activity within their systems. In response to the breach, DocGo promptly took measures to contain the incident, including shutting down IT systems to halt the spread of the attack, launching an investigation with assistance from third-party cybersecurity experts, and notifying relevant law enforcement agencies.
During their investigation, it was discovered that the attackers had accessed and stolen protected health information from a limited number of healthcare records specifically related to DocGo’s US-based ambulance transportation business. This breach prompted an immediate response from DocGo to reach out to the individuals whose data was compromised. The company has emphasized that the breach was contained to one particular segment of their business and that other units were not affected.
In their communication about the breach, including a FORM 8-K filing with the Securities and Exchange Commission (SEC), DocGo disclosed the steps taken post-incident and affirmed their ongoing efforts to secure their systems. The company has engaged leading cybersecurity experts to ensure that there is no continued unauthorized access and to bolster their defenses against future cyber threats.
DocGo has also reassured stakeholders that despite the breach, they do not believe the incident will have a material impact on the company’s operations or financial health. The proactive measures taken by DocGo to address and mitigate the consequences of the cyberattack demonstrate their commitment to maintaining trust and security standards. Moving forward, the incident underscores the critical importance of robust cybersecurity measures for protecting sensitive health information in the increasingly targeted healthcare sector.
