Privacy, Data Security

Point32Health patient data compromised in ransomware attack

Major New England health insurer Point32Health has confirmed the theft of patient medical information from its subsidiary Harvard Pilgrim Health Care following a ransomware attack last month, according to The Record, a news site by cybersecurity firm Recorded Future. Harvard Pilgrim, which caters to over 1.1 million members across Massachusetts, Connecticut, Maine, and New Hampshire, had its systems infiltrated from March 28 to April 17, when threat actors were able to exfiltrate data from current and former members and their dependents, including names, birthdates, Social Security numbers, medical history, treatment dates, diagnoses, and provider names. Data from providers currently under contract with Harvard Pilgrim has also been compromised in the attack, but no impact has been reported at Point32Health's Tufts Health Plan. "At this point, Harvard Pilgrim is not aware of any misuse of personal information and protected health information as a result of this incident, but nonetheless has begun notifying potentially affected individuals to provide them with more information and resources," said Harvard Pilgrim.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.