Point32Health, the second-largest health insurer in Massachusetts, is in the process of informing more than 2.5 million individuals that their personal and protected health information was stolen in a recent ransomware attack.
Identified on April 17 and initially disclosed on April 20, the attack impacted systems related to Point32Health’s Harvard Pilgrim Health Care, and resulted in the exfiltration of data pertaining to both current and former health plan subscribers and dependents.
Between March 28 and April 17, Harvard Pilgrim says, the attackers exfiltrated files containing names, addresses, phone numbers, birth dates, Social Security numbers, health insurance account information, taxpayer identification numbers, and clinical information, including medical history, diagnoses, and treatment details.
Reposted from SecurityWeek