breach
United StatesBleepingComputer
United StatesBleepingComputerCovenant Health Ransomware Attack Impacts Nearly 478,000 Patients
Friday, January 2, 2026
What
Covenant Health experienced a significant data breach in May 2025, attributed to the Qilin ransomware group, which compromised the personal and health information of nearly 478,000 patients. This incident highlights the severe risks posed by ransomware to healthcare providers and the critical need for robust data protection.
Where
Covenant Health, a Catholic healthcare provider operating across New England and parts of Pennsylvania, USA.
When
Breach discovered May 26, 2025; revised impact disclosed January 2, 2026; notification letters began December 31.
Key Factors
- •The Qilin ransomware group claimed responsibility, asserting they exfiltrated 852 GB of data comprising 1.35 million files, indicating a large-scale data theft operation.
- •The breach exposed highly sensitive patient data, including names, addresses, dates of birth, medical record numbers, Social Security numbers, health insurance, and treatment details, increasing the risk of identity theft and fraud.
- •Covenant Health's initial underestimation of impact (7,864 vs. 478,188 individuals) underscores the complexity and time required for thorough forensic analysis in large-scale breaches.
Takeaways
- →Healthcare organizations must prioritize advanced threat detection and incident response capabilities to quickly identify and contain ransomware attacks, minimizing data exfiltration.
- →Patients should remain vigilant for phishing attempts and identity theft, utilizing offered identity protection services, given the exposure of highly sensitive personal and medical information.
Read Full Article
Opens original article on BleepingComputer
