NCG Medical

NCG Medical operates as a medical billing service headquartered in the United States, with a base of operations in Florida. The company provides billing and coding support to healthcare providers, managing the submission and follow‑up of insurance claims. In performing these services it routinely handles protected health information, including patient names, addresses, Social Security numbers, diagnoses and insurance‑coded medical records. Its work also involves processing corporate documents such as contracts, financial records and proprietary software source codes that belong to its healthcare clients.

The scale of its data handling was highlighted in a ransomware incident on 19 August 2022, when attackers encrypted systems and exfiltrated over 270 GB of information. The compromised data set included more than 50,000 personal records belonging to patients covered under HIPAA. This volume of data illustrates the substantial amount of sensitive information the organization manages on behalf of its clients. The breach also exposed internal business materials, indicating that NCG Medical maintains a broad repository of both clinical and administrative data.

As a medical billing specialist, NCG Medical focuses exclusively on the revenue‑cycle functions for healthcare entities, distinguishing it from broader health‑IT vendors. Its compliance obligations are shaped by HIPAA, given the nature of the protected health information it processes. During the 2022 attack the organization chose not to engage with the Hive ransomware group, which resulted in the attackers promptly publishing the stolen data on their leak site. The incident underscored the company’s role as a custodian of confidential patient and corporate data within the U.S. healthcare sector.