Ransomware Attack on Harvard Pilgrim Health Care Affects 2.5 Million

Written by Gabby Lee



June 2, 2023



Ransomware | Cybersecurity

Ransomware Attack on Harvard Pilgrim Health Care Affects 2.5 Million

Harvard Pilgrim Health Care (HPHC) has revealed that a ransomware attack in April 2023 affected approximately 2,550,922 individuals, with the attackers also extracting sensitive data from compromised systems.

The non-profit healthcare provider, headquartered in Massachusetts, reported the incident to the U.S. Department of Health and Human Services breach portal, as it impacts nearly all of its members.

Last week, HPHC issued a notification stating that the ransomware actors maintained unauthorized access to their systems from March 28 to April 17, 2023, until the breach was detected.

The breach has had consequences for the Harvard Pilgrim Health Care Commercial and Medicare Advantage Stride systems, affecting coverage.

The compromised data consists of various sensitive details, including:

Complete names
Residential addresses
Telephone numbers
Birth dates
Health insurance account details
Social Security numbers
Provider taxpayer-identification numbers
Clinical information encompassing medical records, diagnoses, treatments, service dates, and provider identities.

The scope of the incident extends to both present and past Harvard Pilgrim members who registered on or after March 28, 2012, as confirmed by the organization.

The exposed information is highly sensitive and poses a risk of phishing and social engineering attempts against the affected individuals. HPHC assures that no instances of data misuse have been identified.

To protect those affected, HPHC offers credit monitoring and identity theft protection services as preventative measures.

It is crucial to understand that ransomware organizations frequently leverage stolen data as leverage to coerce victims into meeting their ransom demands. In cases where victims resist payment, attackers might opt to sell the data to other cybercriminals or make it public.

Currently, no specific ransomware group has taken credit for the HPHC attack.

For current or former members of HPHC, it is highly recommended to exercise caution when receiving unsolicited messages and to remain vigilant.

Tweets by securitydailyr

Venom RAT Spreads Through Fake WinRAR Vulnerability Exploit on GitHub

by arsalan

A malicious actor executed a rather unconventional strategy by releasing a counterfeit proof-of-concept (PoC) exploit for a newly unveiled WinRAR vulnerability on the popular code-sharing platform GitHub. The intent behind this peculiar maneuver was to compromise...

TransUnion Hacked by the Threat Actor ‘USDoD’

by Andrew Doyle

In a recent cybersecurity development, TransUnion, a prominent credit reporting agency, appears to be grappling with a potential data breach incident. A hacker, operating under the alias "USDoD," has allegedly compromised the personal information of 58,505 customers...

ALPHV Breaches Australian Law Firm Impacting 65 Government Organizations

by Gabby Lee

In April, a ransomware incident targeted one of Australia's prominent law firms, HWL Ebsworth, causing a ripple effect across the nation's cybersecurity landscape. The breach, which exposed 1.45 gigabytes of the firm's data, was attributed to the Russian-speaking...

Ransomware Attack on Harvard Pilgrim Health Care Affects 2.5 Million

Written by Gabby Lee

June 2, 2023

Ransomware | Cybersecurity

Related Articles

Venom RAT Spreads Through Fake WinRAR Vulnerability Exploit on GitHub

TransUnion Hacked by the Threat Actor ‘USDoD’

ALPHV Breaches Australian Law Firm Impacting 65 Government Organizations

Stay Up to Date With The Latest News & Updates

Join Our Newsletter

Success!

Follow Us

Subscribe To Our Newsletter

You have Successfully Subscribed!