Incident · Unknown

DocGo Inc. · DCGO

Health Care · USA · Incident May 1, 2024 · Filed May 7, 2024
Impact score
Business continuity
Insurance involved: Not disclosed
Filing: 8-K · 8.01

Breach taxonomy

Unknown · Data Exfil · Personal Data · Info Privacy Loss

Summary

DocGo Inc. recently identified a cybersecurity incident in which a threat actor accessed and acquired data including certain protected health information (PHI) from a limited number of healthcare records within the company's U.S.-based ambulance transportation business. No other business lines were involved. The incident was contained with no evidence of continued unauthorized activity as of the filing date. Affected parties are being notified as required by law. Filed under Item 8.01; company determined the incident was not material.

Tagging rationale

Threat: Unknown

Filing does not attribute the incident to a specific actor → UNKNOWN.

Methods: Data Exfil

Filing confirms the threat actor accessed and acquired data including PHI from company systems → DATA-EXFIL.

Assets: Personal Data

Threat actor accessed and acquired protected health information (PHI) from ambulance transportation healthcare records → PERSONAL-DATA.

Effects: Info Privacy Loss

Protected health information was acquired from healthcare records, constituting a privacy loss for affected patients → INFO-PRIVACY-LOSS.

Impact

PHI breach limited to ambulance transportation business records; limited scope (limited number of records); non-material per company; no operational disruption → score 2.

Insurance: Not disclosed

Filing makes no mention of insurance → null.

Original SEC filing excerpt

Item 8.01 Other Events. DocGo Inc. (the Company) recently identified a cybersecurity incident involving certain of the Company's systems. Promptly after detecting unauthorized activity, the Company took steps to contain and respond to the incident, including launching an investigation, with assistance from leading third-party cybersecurity experts, and notifying relevant law enforcement. As part of its investigation, the Company has determined that the threat actor accessed and acquired data, including certain protected health information, from a limited number of healthcare records within the Company's U.S.-based ambulance transportation business, and that no other business lines have been involved. In addition, although the investigation is ongoing, as of the date of this Current Report on Form 8-K, the Company has found no evidence of continued unauthorized activity on its systems and has contained the incident. The Company has started the process of providing notifications as required by applicable law. To date, the cybersecurity incident has not had a material impact on the Company's operations, and the Company currently does not expect that the cybersecurity incident will have a material impact on its overall financial condition or on its ongoing results of operations.