2.5 Million Affected by Harvard Pilgrim Health Care Ransomware Attack: The Latest in Cybersecurity Threats

Harvard Pilgrim Health Care Discloses Data Breach Impacting Over 2.5 Million People

IT Services provider, Harvard Pilgrim Health Care (HPHC), has recently disclosed that it suffered a ransomware attack in April 2023 that impacted 2,550,922 people. During the attack, the threat actors were able to steal sensitive data from compromised systems. HPHC, a Massachusetts-based non-profit health services provider, shared this information with the U.S. Department of Health and Human Services breach portal. This information corresponds to roughly all of its members.

Last week, IT Services provider HPHC published a notice informing the public that ransomware actors maintained access to its systems between March 28 and April 17, 2023, when the breach was discovered. A subsequent investigation conducted with the help of third-party cybersecurity experts revealed that the cybercriminals exfiltrated sensitive data from HPHC’s network.

According to the notice, “Unfortunately, the investigation identified signs that data was copied and taken from our Harvard Pilgrim systems from March 28, 2023, to April 17, 2023.” HPHC is continuing its active investigation and conducting extensive system reviews and analysis before it can resume normal business operations.

The stolen files include sensitive information such as full names, physical addresses, phone numbers, dates of birth, health insurance account information, social security numbers, provider taxpayer identification numbers, and clinical information, including medical history, diagnoses, treatment, dates of service, and provider names. The incident impacts current and former members of Harvard Pilgrim who registered on March 28, 2012, and after.

HPHC clarified that the above information is very sensitive and could expose affected individuals to phishing or social engineering attacks. HPHC states that it has not detected any cases of stolen data misuse. To safeguard individuals impacted by this security incident, HPHC also provides credit monitoring and identity theft protection services.

Ransomware gangs often exploit stolen data to pressure victims into complying with ransom demands. If victims refuse to pay, attackers may sell the data to other cybercriminals or release it publicly. No ransomware group has claimed responsibility for the attack on HPHC, according to the information available at this time. For current or former members of HPHC, exercising caution when receiving unsolicited messages and maintaining vigilance over an extended period is strongly advised.