New Ransomware Attack Hits Health Insurer Point32Health

By   Olivia William
Writer , Information Security Buzz | Apr 20, 2023 09:46 am PST

A ransomware attack affecting several of its systems is being dealt with this week by a New England health insurance company that provides services to over two million people. According to Point32Health, created through the merger of Harvard Pilgrim Health Care and Tufts Health Plan, the ransomware was found on April 17 in systems for “service members, accounts, brokers, and providers.”

“After identifying the unauthorized party, we took aggressive steps to contain the threat by taking some of the systems offline. We have informed law enforcement and regulatory agencies, and we are collaborating with outside cybersecurity experts to fully investigate this occurrence and correct the problem, the business said in a statement.

“While we are working to restore the impacted systems as we can and Our staff is working around the clock to create options so that members can get the necessary services they require as safely as possible.”

The business advised customers to use a given number in case of emergencies. It declared that it intended to contact any customers whose information may have leaked during the incident.

People in (Massachusetts, Maine, Connecticut, New Hampshire, and Rhode Island), including those who qualify for Medicare and Medicaid, can receive services from Point32Health. The organization, which Charlie Baker led for ten years as CEO of Harvard Pilgrim Health Care, is the second-largest insurer in Massachusetts.

A ransomware organization has not yet claimed responsibility for the attack. According to researchers from cyber insurer Corvus Insurance, ransomware occurrences impacting healthcare businesses have sharply grown. Hospitals and healthcare organizations were the targets of 750% more frequent attacks than they had been the previous March, according to an examination of data from the dark web and ransomware leak sites.

The breach of the healthcare system by ransomware has recently happened at Point32Health. Ransomware has progressively targeted the healthcare industry over the past three years, leading to numerous government cautions. Microsoft paid notice of the issue as well. The internet giant said earlier this month that it received a court order to stop the unauthorized use of Cobalt Strike, which the vendor claimed was used in over 68 ransomware attacks targeting healthcare companies.

How Healthcare Service Providers Can Prevent Constant Hack

Criminals target hospitals to steal medical data. We discuss hacker prevention here.

  • Weak password– Attackers can access accounts by guessing popular passwords like password123. Poor password practices have long plagued cybersecurity, but most people struggle to remember complicated passwords, especially under pressure. They utilize weak or shared passwords for ease.
  • Phishing – Criminals use phishing assaults to deceive receivers into opening a message that contains a malicious code, attachment, or link to breach defenses or launch ransomware attacks. A recent survey indicated that only 5% of Britons could recognize a phishing email due to its sophistication and targeting.
  • Poor security measures — Hackers attempt to keep one step ahead of an organization’s security protocols, and a breach could allow criminals to migrate laterally. They might steal a lot of important data quickly. Unsecured systems offer attackers network access to place a bogus site.
  • Security policies – Healthcare providers should inform personnel of security policies. They should teach personnel about delivering care beyond emergency medical requirements and protecting patient medical data. Regular communication with personnel reinforces how to prevent breaches and respond to them.
  • Regular training – As risks evolve in the digital realm, users require regular training to avoid them. To protect accounts, IT employees should follow best practices. Always use a password manager and complicated passphrase credentials.


The non-profit health insurance Point32Health claims to have shut down its servers to stop a ransomware attack that was discovered this week. Point32Health, which was created in 2021 through the union of Harvard Pilgrim Health Care and Tufts Health Plan, is Massachusetts’ second-largest health insurer and provides coverage to more than 2 million people. The company disclosed this week that it had been the target of a ransomware attack on April 17 and had been forced to shut down operations to address the problem. According to Point32Health, the attack had an effect on the systems it utilizes “to service members, accounts, brokers, and providers”, the majority of which are connected to Harvard Pilgrim Health Care.

The insurance states, “We have alerted law enforcement and regulators, and are working with outside cybersecurity experts to thoroughly investigate this issue and remedy the situation. Harvard Pilgrim Health Care revealed on Facebook earlier this week that their website and communication services are down. Our website and phone lines are having technical problems right now. We apologize for the inconvenience, the group added. The business claims it is still investigating whether the attack exposed personal data. Point32Health did not specify the number of people who might have been harmed by the event, although the company estimates that Harvard Pilgrim Health Care serves about 1.1 million people.

Notify of
0 Expert Comments
Inline Feedbacks
View all comments

Recent Posts

Would love your thoughts, please comment.x