Point32Health

History

2023: Data theft of millions of Americans by hackers

On May 23, 2023, Point32Health, one of the largest insurance companies in the United States, reported cyber warfare, as a result of which attackers stole the medical data of millions of Americans.

Point32Health, the parent organization of Harvard Pilgrim Health Care and Tufts Health Plan, was attacked by a ransomware program. A preliminary investigation found that cybercriminals had infiltrated Harvard Pilgrim's information infrastructure. The theft of confidential information was carried out from March 28 to April 17, 2023: thus, hackers were able to download a huge array of files from the victim's servers.

Point32Health reported cyber warfare

The official notification says that the stolen databases may contain the following information: the names of customers, their physical addresses, phone numbers, dates of birth, insurance information medical , social security numbers, taxpayer identification numbers, medical histories, diagnoses, prescribed treatment, service dates, etc. In addition, certain data on contract suppliers were stolen.

Point32Health reports that as a result of the invasion, some of the affected IT systems, including those used to serve suppliers, had to be disconnected from the Internet - they remain offline. About which cyber group is behind the attack and whether the attackers presented a ransom demand, nothing is reported. The company continues to investigate and is taking steps to implement additional security tools.

Harvard Pilgrim does not know about any misuse of personal information and protected medical data as a result of this incident, but, nevertheless, the company began to notify potentially affected persons about what happened, the published message says.[1]

Notes