"Major Massachusetts Health Insurer Hit by Ransomware Attack, Member Data May Be Compromised"
The second-largest health insurer in Massachusetts was recently the victim of a ransomware attack in which sensitive personal information and health information of current and past members may have been compromised. Point32Health stated that a “cybersecurity ransomware incident” affecting its Harvard Pilgrim Health Care program was detected on April 17. An ongoing investigation indicated that from March 28 until April 17, members’ addresses, phone numbers, birthdates, Social Security numbers, medical history, treatment, dates of service, provider names, and other information may have been compromised. The company did not mention how many people might be affected. The company noted that they are currently working with third-party cybersecurity experts to conduct a thorough investigation into this incident and remediate the situation. Harvard Pilgrim Health Care provides services to more than 1.1 million members in Massachusetts, New Hampshire, Maine, and Connecticut. Point32Health did not mention if they paid the ransom. Other Point32Health companies, such as Tufts Health Plan and CarePartners of Connecticut, were unaffected.