Major Massachusetts health insurer victim of ransomware attack, members information potentially compromised

second largest Massachusetts Health Insurance Company Company officials said the company was the victim of a ransomware attack that may have compromised sensitive personal information and the health information of current and former members.

In a statement posted on its website on Tuesday, Point32Health announced that a “cybersecurity ransomware incident” affecting the Harvard Pilgrim Healthcare Program was detected on April 17.

An ongoing investigation exposed members’ addresses, phone numbers, dates of birth, Social Security numbers, medical history, treatment status, work dates, provider names, and other information between March 28 and April 17. It turned out to be possible.

The nonprofit said it was not aware of any misuse of the information. It did not say how many people might be affected.

Massachusetts health care reform benefits Latinos, but problems remain

“We are working with third-party cybersecurity experts to conduct a thorough investigation of this incident and remediate the situation,” the statement said, adding that Harvard Pilgrim is taking steps to strengthen its cybersecurity. I added that there is.

Company spokeswoman Kathleen McKellan said in an email Wednesday that the company will notify people who may have been involved with the information.

The company also contacted the FBI. An FBI spokeswoman said the FBI had no comment.

The Point32Health logo will be displayed on the LED Arena ribbon during the Hockey East Championship game at TD Garden in Boston, Massachusetts on March 18, 2023. Point32Health fell victim to a ransomware attack that potentially exposed member information. (Erika Denhoff/Icon Sportswire via Getty Images/Getty Images)

Harvard Pilgrim Health Care serves more than 1.1 million members in Massachusetts. new hampshireIt’s in Maine, Connecticut, according to the company’s website.

mass.Government Signs Groundbreaking Health Care Bill

In ransomware attacks, hackers lock computer networks and demand money to unlock them. Point32Health did not say whether it paid the ransom.

law enforcement Government agencies, school systems, energy infrastructure, and healthcare systems have fallen victim to such attacks in recent years.

The Harvard Pilgrim breach affected the systems used to serve its members, brokers and providers, leaving some functions down.

Many of these systems are expected to be restored in the coming weeks, Makela said.


“We are currently conducting internal IT and business validations. Once this process is complete, we will be making parts of the process available in phases, alongside in-depth security inspections,” she said. wrote.

Insurers said they were able to continue to ensure that members received treatment.

Other Point32Health companies, including Tufts Health Plan and Connecticut’s CarePartners, were not affected.

Leave a Reply

Your email address will not be published. Required fields are marked *