Point32Health ransomware attack exposed info of 2.5M people

After the recent ransomware attack, Point32Health disclosed a data breach that impacted 2.5 million Harvard Pilgrim Health Care subscribers.

In April, the non-profit health insurer Point32Health took systems offline in response to a ransomware attack that took place on April 17. The insurer immediately launched an investigation into the incident with the help of third-party cybersecurity experts to determine the extent of the incident.

The organization notified law enforcement and regulators.

Most impacted systems are related to Harvard Pilgrim Health Care, which in mid-April announced on Facebook that it was experiencing technical issues with its website and phone lines.

At the time of the attack, the company did not provide details about the attack, such as the family of ransomware that compromised its systems and the number of impacted individuals.

Now Point32Health revealed threat actors have exfiltrated data from the Harvard Pilgrim systems between March 28, 2023 and April 17, 2023. The company has notified the US Department of Health and Human Services that over 2.55 million individuals’ information was compromised in the ransomware attack, reported SecurityWeek.

“Harvard Pilgrim Health Care (“Harvard Pilgrim”) is providing notice of a data security incident that may affect the privacy of certain individuals’ protected health information and/or personal information.” reads a notice published by the company. “On April 17, 2023, Harvard Pilgrim discovered a cybersecurity ransomware incident that impacted systems that support Harvard Pilgrim Health Care Commercial and Medicare Advantage Stride℠ plans (HMO)/(HMO-POS). We are working with third-party cybersecurity experts to conduct a thorough investigation into this incident and remediate the situation.”

As of the time of writing, no ransomware group has taken responsibility for the attack.

Stolen data include names, addresses, phone numbers, birth dates, Social Security numbers, health insurance account information, taxpayer identification numbers, and clinical information, including medical history, diagnoses, and treatment details.

The security breach impacted former and current customers, as well as current and former members of Health Plans Inc. between June 2020 and present.

Harvard Pilgrim pointed out that it is not aware of any fraudulent use of stolen information.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Point32Health )