Ransomware

Ransomware Attack Hits Health Insurer Point32Health

Health insurer Point32Health takes systems offline after falling victim to ransomware attack.

April 20, 2023

Non-profit health insurer Point32Health says it has taken systems offline to contain a ransomware attack identified this week.

Established in 2021 as the merger between Harvard Pilgrim Health Care and Tufts Health Plan, Point32Health is the second largest health insurer in Massachusetts, serving more than 2 million customers.

In a notification published this week, the organization revealed that it fell victim to a ransomware attack on April 17, which forced it to take systems offline to contain the incident.

The attack, Point32Health says, impacted systems it uses “to service members, accounts, brokers, and providers”, with most of them related to Harvard Pilgrim Health Care.

“We have notified law enforcement and regulators, and are working with third-party cybersecurity experts to conduct a thorough investigation into this incident and remediate the situation,” the insurer says.

Earlier this week, Harvard Pilgrim Health Care announced on Facebook that its website and communication services are disrupted.

“We are currently experiencing technical issues with our website and phone lines. We’re sorry for the inconvenience,” the organization said.

Advertisement. Scroll to continue reading.

The company says it has yet to determine whether personal information was compromised in the attack.

Point32Health did not say how many individuals might have been impacted by the incident but, according to the organization, Harvard Pilgrim Health Care serves roughly 1.1 million individuals.

SecurityWeek has emailed Point32Health for additional information on the breach but the company shared no other details.

Written By Ionut Arghire

Ionut Arghire is an international correspondent for SecurityWeek.

Latest News

Click to comment

Virtual Event: Threat Detection and Incident Response Summit

Wednesday, May 24, 2023

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.

Virtual Event: CISO Forum Virtual Summit

June 13-14, 2023

Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.

Breaking Enterprise Silos and Improving Protection

When teams have a way to break down enterprise silos and see and understand what is happening, they can improve protection across their increasingly dispersed and diverse environment. (Matt Wilson)

Security Pros: Before You Do Anything, Understand Your Threat Landscape

Regardless of the use case your security organization is focused on, you’ll likely waste time and resources and make poor decisions if you don’t start with understanding your threat landscape. (Marc Solomon)

Today’s Cyber Defense Challenges: Complexity and a False Sense of Security

Industry standard frameworks and guidelines often lead organizations to believe that deploying more security solutions will result in greater protection against threats. (Torsten George)

Cutting Through the Noise: What is Zero Trust Security?

With proactive steps to move toward Zero Trust, technology leaders can leverage an old, yet new, idea that must become the security norm. (Marie Hattar)

Triple Threat: Insecure Economy, Cybercrime Recruitment and Insider Threats

A wave of layoffs, coupled with increased recruitment efforts by cybercriminals, could create the perfect conditions for insider threats to flourish (Derek Manky)