Connect with us

Hi, what are you looking for?



Ransomware Attack Hits Health Insurer Point32Health

Health insurer Point32Health takes systems offline after falling victim to ransomware attack.

Non-profit health insurer Point32Health says it has taken systems offline to contain a ransomware attack identified this week.

Established in 2021 as the merger between Harvard Pilgrim Health Care and Tufts Health Plan, Point32Health is the second largest health insurer in Massachusetts, serving more than 2 million customers.

In a notification published this week, the organization revealed that it fell victim to a ransomware attack on April 17, which forced it to take systems offline to contain the incident.

The attack, Point32Health says, impacted systems it uses “to service members, accounts, brokers, and providers”, with most of them related to Harvard Pilgrim Health Care.

“We have notified law enforcement and regulators, and are working with third-party cybersecurity experts to conduct a thorough investigation into this incident and remediate the situation,” the insurer says.

Earlier this week, Harvard Pilgrim Health Care announced on Facebook that its website and communication services are disrupted.

“We are currently experiencing technical issues with our website and phone lines. We’re sorry for the inconvenience,” the organization said.

Advertisement. Scroll to continue reading.

The company says it has yet to determine whether personal information was compromised in the attack.

Point32Health did not say how many individuals might have been impacted by the incident but, according to the organization, Harvard Pilgrim Health Care serves roughly 1.1 million individuals.

SecurityWeek has emailed Point32Health for additional information on the breach but the company shared no other details.

Related: 3.3 Million Impacted by Ransomware Attack at California Healthcare Provider

Related: Patient Information Compromised in Data Breach at San Diego Healthcare Provider

Related: Vulnerabilities in OpenEMR Healthcare Software Expose Patient Data

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.


The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.


Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.


The City of Oakland has disclosed a ransomware attack that impacted several non-emergency systems.

Malware & Threats

Unpatched and unprotected VMware ESXi servers worldwide have been targeted in a ransomware attack exploiting a vulnerability patched in 2021.


The personal and health information of more than 3.3 million individuals was stolen in a ransomware attack at Regal Medical Group.