ransomware🌍AmericasSecurity Affairs
Covenant Health Ransomware Attack Exposes Data of 478K Patients
Friday, January 2, 2026
What
Covenant Health experienced a ransomware attack by the Qilin group in May 2025, leading to system shutdowns and the theft of 850 GB of sensitive patient data. This incident highlights the severe impact of ransomware on healthcare providers and the extensive personal information at risk.
Where
Covenant Health, Inc., a healthcare organization operating in Massachusetts, Maine, New Hampshire, Pennsylvania, and Vermont.
When
Attack started May 18, 2025; confirmed data breach affecting 478,188 individuals in December 2025; publicly reported January 2, 2026.
Key Factors
- •The Qilin ransomware group claimed responsibility for the May 2025 attack, asserting the theft of 850 GB of sensitive data from Covenant Health systems.
- •Initially reported to affect 7,800 individuals in July 2025, the scope of the data breach significantly expanded to over 478,000 individuals by December 2025, indicating a broader compromise.
- •Compromised data includes extensive personal and health information, such as SSN, medical record numbers, health insurance details, and treatment information, posing a high risk of identity theft and fraud.
Takeaways
- →Healthcare organizations must prioritize robust ransomware defenses and comprehensive data backup strategies to protect sensitive patient information.
- →Individuals affected should monitor credit reports and health insurance statements for suspicious activity and consider utilizing offered identity protection services.
Read Full Article
Opens original article on Security Affairs
