Harvard Pilgrim Health Care ransomware attack hits 2.5 million people


Harvard Pilgrim Health Care (HPHC) has disclosed that a ransomware attack it suffered in April 2023 impacted 2,550,922 people, with the threat actors also stealing their sensitive data from compromised systems.

The Massachusetts-based non-profit health services provider shared this information—which corresponds to roughly all its members—to the U.S. Department of Health and Human Services breach portal.

Last week, the organization published a notice informing that ransomware actors maintained access to its systems between March 28 and April 17, 2023, when the breach was discovered.

A subsequent investigation conducted with the help of third-party cybersecurity experts revealed that the cybercriminals exfiltrated sensitive data from HPHC’s network.

“Unfortunately, the investigation identified signs that data was copied and taken from our Harvard Pilgrim systems from March 28, 2023, to April 17, 2023,” reads the notice.

“We are continuing our active investigation and conducting extensive system reviews and analysis before we can resume our normal business operations.”

As a result of the attack, coverage under Harvard Pilgrim Health Care Commercial and Medicare Advantage Stride systems is impacted.

The stolen files include the following types of sensitive information:

  • Full names
  • Physical addresses
  • Phone numbers
  • Dates of birth
  • Health insurance account information
  • Social Security numbers
  • Provider taxpayer identification numbers
  • Clinical information, including medical history, diagnoses, treatment, dates of service, and provider names

The organization has clarified that the incident impacts current and former members of Harvard Pilgrim, who had a registration date starting on March 28, 2012.

The above information is very sensitive and could expose affected individuals to phishing or social engineering attacks. HPHC states that it has not detected any cases of stolen data misuse. 

HPHC also provides credit monitoring and identity theft protection services to safeguard individuals impacted by this security incident.

It’s important to note that ransomware gangs often exploit stolen data to pressure victims into complying with ransom demands. If victims refuse to pay, attackers may also sell the data to other cybercriminals or release it publicly.

No ransomware group has claimed responsibility for the attack on HPHC, according to the information available at this time.

For current or former members of HPHC, exercising caution when receiving unsolicited messages and maintaining vigilance over an extended period is strongly advised.


  • mohdrafeea Photo mohdrafeea – 3 days ago

    Recently, I have observed many Ransomware attacks targeting Health sector. What’s the reasons of that? I cant understand the motive.

  • Mahhn Photo Mahhn – 14 hours ago

    All your data is with healthcare companies, they use and sell it to commit fraud, and make others lives worse. Evil people wanting to make others suffer, just because they can. There are lots of bad people in the world, most good people can’t understand, because they aren’t evil.

  • DyingCrow Photo DyingCrow – 3 days ago

    Health care might not be hardening as much, making them easier targets. Specially non profits, they just have the budget for the very basics.
    Health care databases have a high change to contain valuable info such as SSN, along with other personal info such as phone #, email address and medical history, which can be used for targeted health care related scams.

  • Malwarebytes Anti-Malware Logo

    Malwarebytes Anti-Malware

    Version: 4.5.29 5M+ Downloads

  • McAfee Consumer Products Removal tool Logo

    McAfee Consumer Products Removal tool

    Version: NA 432,545 Downloads

  • AdwCleaner Logo


    Version: 56M+ Downloads

  • Windows Repair (All In One) Logo

    Windows Repair (All In One)

    Version: 4.13.1 2M+ Downloads

  • Everything Desktop Search Logo

    Everything Desktop Search

    Version: 23,036 Downloads


Related posts

DDoS attacks shifting to VPS infrastructure for increased power

Sarah Henriquez

Microsoft fixes Windows zero-day exploited in ransomware attacks

Sarah Henriquez

US, UK warn of govt hackers using custom malware on Cisco routers

Sarah Henriquez

Leave a Comment