Getty Images/iStockphoto

Point32Health confirms service disruption due to ransomware

A ransomware attack interrupted access to services provided by one of New England's largest healthcare insurers, though the scope of affected customers and data remains unknown.

Point32Health, a nonprofit organization that provides healthcare services to more than 2 million customers, confirmed that it forced systems offline this week after experiencing a ransomware attack.

In a statement posted on its website, the organization disclosed that it suffered a ransomware attack on Monday that affected systems used for member services, accounts, brokers and providers. As a result of the ransomware incident, Point32Health forced its systems offline, contacted law enforcement and initiated an ongoing investigation.

While many questions remain and no ransomware group has claimed responsibility, the attack disrupted access to healthcare services for a potentially large scope of customers and might have compromised highly sensitive data that Point32Health stores.

"Our top priority is to ensure our members continue to have access to care," Point32Health wrote in the statement. "While we work diligently to restore the impacted systems as quickly and as safely as possible, our team is working around the clock to provide workarounds for members to receive the services they need."

Point32Health, established in 2021 and based in Canton, Mass., is the result of a merger between Tufts Health Plan and Harvard Pilgrim Health Care. It is now one of New England's largest healthcare insurance providers.

Not all of Point32Health's businesses appear to be affected by the ransomware attack, however. Affected systems are mostly limited to Harvard Pilgrim Health Care so far, which, according to its website, serves more than 1.1 million members.

On Monday, Harvard Pilgrim Health Care confirmed through its Facebook page that it was "currently experiencing technical issues with [its] website and phone lines." As of Wednesday, the website remains down. The technical issues were not confirmed to be ransomware-related until Point32Health issued the statement Wednesday.

The statement also advised customers who require urgent assistance to contact the member services number listed on their ID cards, "which will provide directions for urgent needs." It was not clear as of Wednesday when services would be operational again.

TechTarget Editorial contacted Point32Health for additional information, but was provided the same statement posted on the website.

Point32Health is just the latest healthcare victim disrupted by ransomware. Over the past three years, the healthcare sector has been increasingly targeted by ransomware, warranting multiple government advisories. The problem garnered attention from Microsoft as well. Earlier this month, the tech giant announced that it had obtained a court order to curb illegal use of Cobalt Strike, which the vendor said has been used in more than 68 ransomware attacks affecting healthcare organizations.

Arielle Waldman is a Boston-based reporter covering enterprise security news.

Next Steps

Studies show ransomware has already caused patient deaths

Dig Deeper on Data security and privacy

Enterprise Desktop
Cloud Computing