Breach

Harvard Pilgrim Health Care (HPHC) has disclosed that a ransomware attack it suffered in April 2023 impacted 2,550,922 people, with the threat actors also stealing their sensitive data from compromised systems.

The Massachusetts-based non-profit health services provider shared this information, which corresponds to roughly all its members, with the U.S. Department of Health and Human Services breach portal.

Last week, the organization published a notice stating that ransomware actors maintained access to its systems between March 28 and April 17, 2023, when the breach was discovered.

A subsequent investigation conducted with the help of third-party cybersecurity experts revealed that the cybercriminals exfiltrated sensitive data from HPHC's network.

"Unfortunately, the investigation identified signs that data was copied and taken from our Harvard Pilgrim systems from March 28, 2023, to April 17, 2023," reads the notice.

"We are continuing our active investigation and conducting extensive system reviews and analysis before we can resume our normal business operations."

As a result of the attack, coverage under Harvard Pilgrim Health Care Commercial and Medicare Advantage Stride systems is impacted.

The stolen files include the following types of sensitive information:

  • Full names
  • Physical addresses
  • Phone numbers
  • Dates of birth
  • Health insurance account information
  • Social Security numbers
  • Provider taxpayer identification numbers
  • Clinical information, including medical history, diagnoses, treatment, dates of service, and provider names

The organization has clarified that the incident impacts current and former members of Harvard Pilgrim, who had a registration date starting on March 28, 2012.

The above information is very sensitive and could expose affected individuals to phishing or social engineering attacks. HPHC states that it has not detected any cases of stolen data misuse. 

HPHC also provides credit monitoring and identity theft protection services to safeguard individuals impacted by this security incident.

It's important to note that ransomware gangs often exploit stolen data to pressure victims into complying with ransom demands. If victims refuse to pay, attackers may also sell the data to other cybercriminals or release it publicly.

No ransomware group has claimed responsibility for the attack on HPHC, according to the information available at this time.

For current or former members of HPHC, exercising caution when receiving unsolicited messages and maintaining vigilance over an extended period is strongly advised.
