NextGen Healthcare was added to the leak site by the BlackCat (aka ALPHV) ransomware group.
However, they contained the threat, secured our network, and returned to normal operations.
The threat actor behind the incident claimed to provide data and all information if the company does not pay.
Source: https://www.databreaches.net/blackcat-adds-nextgen-to-its-leak-site-but-where-did-it-go/
TPRM report: https://scoringcyber.rankiteo.com/company/nextgenhealthcareinc
"id": "nex164822123",
"linkid": "nextgenhealthcareinc",
"type": "Ransomware",
"date": "01/2023",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'industry': 'Healthcare',
'name': 'NextGen Healthcare',
'type': 'Organization'}],
'description': 'NextGen Healthcare was added to the leak site by the BlackCat '
'(aka ALPHV) ransomware group. However, they contained the '
'threat, secured our network, and returned to normal '
'operations. The threat actor behind the incident claimed to '
'provide data and all information if the company does not pay.',
'motivation': 'Financial Gain',
'ransomware': {'ransomware_strain': 'BlackCat (aka ALPHV)'},
'response': {'containment_measures': 'The threat was contained and the '
'network was secured.',
'recovery_measures': 'Returned to normal operations.'},
'threat_actor': 'BlackCat (aka ALPHV)',
'title': 'NextGen Healthcare Ransomware Incident',
'type': 'Ransomware'}