Millions of Patients Lose Control of Their Personal and Health Data in Harvard Pilgrim Breach
Table of Contents
- By Steven
- Published: Jun 08, 2023
- Last Updated: Jun 08, 2023
Harvard Pilgrim Health Care is an insurance provider that offers non-profit healthcare to residents in a variety of different states, including New Hampshire, Maine, Connecticut, and Massachusetts. The company generates more than $622 million in revenue annually and employs over 4,400 people during its regular operations. It works with millions of patients, and a mix of those patients was exposed in the recent data breach impacting that company.
How Did the Attack Occur?
It's unclear what mechanisms the ransomware gang relied on to break into Harvard Pilgrim Health Care's servers, but a group of hackers found a way into the company's file servers. Once in the data servers for the company, the hackers began gathering information to exploit later. The data was copied and transferred away from the company and leveraged in a ransom in an attempt to get paid.
What Information Was Viewed or Stolen?
During the Harvard Pilgrim data breach, a significant amount of personal and health information was lost for the different individuals involved. Social Security numbers, phone numbers, health insurance account information, and more were lost. The consumer names and protected health data were also involved in the data breach. Millions of patients working with this company were impacted by this breach, and each of them lost at least one or two of these different data points.
How Did Harvard Pilgrim Care Admit to the Breach?
Harvard Pilgrim Care filed a notice with the U.S. Department of Health and Human Services for Civil Rights on May 24, 2023. At that time, the company made it clear that more than 2.5 million people were impacted by the data breach and that a large amount of health data was exposed to the public. The organization quickly began sending notices of a breach to anyone involved in the incident after sending an official report about the problem. If you receive a notice, you'll know your information could be exposed.
What Will Become of the Stolen Information?
The stolen information was put up for ransom in an effort to get Harvard Pilgrim Care to pay a fee to have the information returned without releasing it. If the ransom is not paid, it's likely the information will be spread and used to generate as much profit as possible for the attackers that stole it and everyone else that wants to misuse the information. The data could be sold or traded to others, and it's possible that it will be used in an effort to steal identities and harm others for profit.
What Should Affected Parties Do in the Aftermath of the Breach?
If you're one of the individuals that receive a notice from Harvard Pilgrim, you'll know that you're at risk and you could be harmed by this health data breach. As one of the impacted people in this case, you should take immediate steps to protect yourself. Begin by investing in credit monitoring solutions to safeguard yourself. You should also consider freezing your credit to guard yourself further from potential issues. If you take these steps, you'll be aware of what's happening with your information so you can respond to any potential problems sooner rather than waiting for the bills or credit damage to pile up.
