Andover, Massachusetts-based Covenant Well being, Inc. has knowledgeable authorities {that a} knowledge breach found in Might 2025 impacts greater than 478,000 people.
Covenant Well being affords healthcare providers at over a dozen areas throughout Massachusetts, Maine, New Hampshire, Pennsylvania, Rhode Island, and Vermont.
The group is informing clients that their private and well being data might have been compromised on account of a hacker assault that occurred on Might 18, 2025.
The intrusion was found on Might 26, and it took till December for Covenant Well being to finish its investigation.
Covenant Well being first disclosed the information breach to the Maine Lawyer Normal’s Workplace in July, when it reported that solely 7,800 people had been impacted.
In an up to date notification to the Maine AGO on December 31, the healthcare group revealed that the variety of affected people is definitely 478,188.
It’s not unusual for healthcare knowledge breaches to affect a whole lot of hundreds and even tens of millions of people.
Covenant Well being stated the hackers obtained data corresponding to identify, date of delivery, tackle, SSN, medical file quantity, medical health insurance data, and remedy data.Commercial. Scroll to proceed studying.
The Qilin ransomware group took credit score for the assault on Covenant Well being in June 2025, claiming to have stolen greater than 1.3 million recordsdata with a complete dimension of 850 GB.
Knowledge allegedly stolen from the healthcare group has since been made public by the cybercrime group, which signifies {that a} ransom has not been paid.
Associated: 113,000 Impacted by Knowledge Breach at Virginia Psychological Well being Authority
Associated: 700,000 Data Compromised in Askul Ransomware Assault
Associated: Tri-Century Eye Care Knowledge Breach Impacts 200,000 People
