Massachusetts well being insurer faces ransomware assault, member information in danger

The second-largest well being insurer in Massachusetts was once the sufferer of a ransomware assault by which delicate non-public data in addition to well being data of present and previous individuals can have been compromised, corporate officers stated.

Point32Health stated in a commentary on its site Tuesday {that a} “cybersecurity ransomware incident” affecting its Harvard Pilgrim Health Care program was once detected April 17.

An ongoing investigation indicated that from March 28 till April 17, individuals’ addresses, telephone numbers, birthdates, Social Security numbers, clinical historical past, remedy, dates of provider, supplier names and different data can have been compromised.

Keep up with probably the most business’s quickest rising sectors. Sign up for Digital Health Intelligence.

The not-for-profit corporate stated it was once no longer conscious about any misuse of the guidelines. It didn’t say what number of people could be affected.

“We are working with third-party cybersecurity experts to conduct a thorough investigation into this incident and remediate the situation,” the commentary stated, including that Harvard Pilgrim is taking steps to strengthen its cybersecurity.

Company spokeswoman Kathleen Makela stated Wednesday by way of e-mail that the corporate could be notifying folks whose data can have been concerned.

The corporate additionally contacted the FBI. An FBI spokesperson stated the company had no remark.

Harvard Pilgrim Health Care supplies services and products to greater than 1.1 million individuals in Massachusetts, New Hampshire, Maine and Connecticut, in keeping with the corporate site.

Ransomware assaults contain hackers locking up a pc community and important cash to release it. Point32Health didn’t say whether or not it has paid a ransom.

Not a Modern Healthcare subscriber? Sign up these days.

Law enforcement businesses, faculty programs, power infrastructure and well being programs were sufferers of such assaults lately.

The Harvard Pilgrim breach affected programs used to provider individuals, agents and suppliers, and a few purposes remained down.

A variety of the ones programs had been anticipated to be restored within the coming weeks, in keeping with Makela.

“We are these days going in the course of the inside IT and industry validations. Once this procedure is entire, along our thorough safety screenings, a few of our processes will turn out to be to be had in a phased style,” she wrote.

The insurer stated it’s been ready to proceed making sure its individuals have get right of entry to to care.

Other Point32Health firms reminiscent of Tufts Health Plan and CareCompanions of Connecticut weren’t affected.