Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Health insurance. Show all posts

Harvard Pilgrim Health Care Hit by Ransomware Attack

 

Harvard Pilgrim Health Care, one of the largest health insurance providers in the United States, has recently experienced a major ransomware attack that has affected approximately 2.5 million individuals. The incident has raised serious concerns about data security and the potential risks to sensitive personal information.

The attack was first detected in early April when unauthorized activity was identified on the organization's systems. Upon investigation, it was revealed that the attackers had gained unauthorized access to sensitive data, including names, Social Security numbers, dates of birth, and health insurance information.

Harvard Pilgrim Health Care promptly launched an internal investigation and engaged leading cybersecurity experts to mitigate the impact of the attack and strengthen its security measures. The company has assured affected individuals that it is taking immediate steps to secure the compromised data and prevent any further unauthorized access.

In response to the incident, Harvard Pilgrim Health Care has also notified the affected individuals and is offering them complimentary credit monitoring and identity theft protection services. This is a crucial step to help mitigate the potential risks that arise from the exposure of personal information.

The breach has been reported to the U.S. Department of Health and Human Services Office for Civil Rights (OCR), as required by federal regulations. The OCR breach report provides an overview of the incident, the number of individuals affected, and the steps taken by Harvard Pilgrim Health Care to address the breach and protect affected individuals.

This incident serves as a stark reminder of the persistent threats posed by ransomware attacks in the healthcare sector. Cybercriminals continue to target healthcare organizations due to the vast amount of valuable personal and medical information they hold. The consequences of such attacks can be far-reaching, potentially compromising patient privacy, disrupting healthcare services, and causing financial harm to both the affected individuals and the organization.

In light of this incident, it is essential for healthcare organizations to reevaluate and reinforce their cybersecurity measures. Robust security protocols, including regular system audits, employee training on recognizing and reporting suspicious activities, and continuous monitoring of network systems, are crucial in combating these evolving cyber threats.

The Harvard Pilgrim Health Care ransomware outbreak highlights the urgent need for heightened awareness and investment in cybersecurity throughout the healthcare industry. Healthcare providers, insurers, and companies managing sensitive information should prioritize safeguarding patient data and upholding people's trust.

Security breached of Ayushman Bharat

Ayushman Bharat, the government run health insurance programme, on Saturday confirmed that there had been an attempted security breach. “There have been attempts to get illegal access to large medical data including sensitive personal information,’’ said Dr. Indu Bhushan, CEO Ayushman Bharat - Pradhan Mantri Jan Arogya Yojana.

Alerted about the intrusion 48 hours ago, the National Health Authority — which administers the programme — has now written to all State Governments alerting them about the threat and warning that no sensitive data be shared.

Describing the nature of the attempted breach, Dr. Bhushan said contact had been made with Ayushman Bharat employees urging them to leak sensitive information on the available health profiles of those covered by the scheme.

With more than 3 crore e-cards issued countrywide to individuals covered under the scheme and over 21 lakh hospital admissions, worth ₹2,820 crore, having been approved, the scheme is one of the world’s largest state-run health insurance programmes, according to the government. Health data is extremely sensitive and of great value to commercial and pharmaceutical companies.

“We have this data enveloped in multiple layers of security which is tough to penetrate,” explained Dr. Bhushan. “We also have a stringent access system for those within Ayushman Bharat and we were alerted, almost immediately, when the breach was attempted,’’ he said.

The authority is now also seeking assistance from the public to help ensure that the programme stays cybersecure and that patient data and records are not compromised in any manner.

“We are making a public appeal to please report such cases to @AyushmanNHA at the earliest for proper investigation and actions to mitigate any potential risk,’’ Dr. Bhushan said.

Ayushman Bharat has also had to combat multiple attempts to defraud individuals and companies “using our programmes as a disguise,” said an official, who spoke on condition of anonymity. “People have been offered jobs and some have even been duped saying that we charge for registration. All of this is illegal,’’ the official added.