March 31st, 2026
Healthcare IT giant CareCloud disclosed a cyberattack where an unauthorized actor accessed one of its electronic health record (EHR) environments.
The intrusion occurred on March 16, 2026, with access lasting ~8 hours before containment.
The affected environment stores sensitive patient health data, and the company is still investigating whether data was accessed or exfiltrated.
March 17th, 2026
On March 11th 2026, medical technology giant Stryker experienced a massive cybersecurity incident that resulted in tens of thousands (conservative estimates say 80k, with some estimates at 200k) of devices being remotely wiped, and corporate systems globally disrupted.
It was initially believed that systems had been breached by Iran-linked hacktivist group Handala, and infected by wiper malware.
Investigation later revealed that no malware or ransomware was involved. Rather, adversaries gained unauthorized access to an administrative account of enterprise management solutions (likely Microsoft Intune), created a new global administrator account, and then used admin privileges to wipe devices.
Who:
Victim: Lehigh Valley Health Network (LVHN), a Pennsylvania healthcare provider.
Perpetrator: Alphv/BlackCat ransomware gang.
What:
Incident: A ransomware attack on LVHN in early 2023, during which attackers accessed the network, stole data, and deployed ransomware. The data breach affected over 130,000 patients and employees, exposing personal and medical information, including sensitive clinical images.
Who:
Rite Aid, the third-largest drugstore chain in the United States.
RansomHub ransomware gang.
What:
Rite Aid confirmed a data breach following a cyberattack in June, claimed by the RansomHub ransomware operation.
