Nearly 480,000 impacted by Covenant Health data breach

Key Points:

• A cyberattack by the Qilin ransomware gang exposed sensitive information of 478,188 individuals associated with Covenant Health, affecting multiple hospitals and healthcare facilities across several states.
• The breach compromised personal data including names, addresses, Social Security numbers, and medical records, significantly impacting operations at St. Joseph Hospital and St. Mary’s Health System in Maine and New Hampshire.
• Immediate actions include notifying affected individuals and offering one year of credit monitoring services; organizations should enhance their security posture to prevent similar incidents.

Technical Details: The attack occurred between May 18 and May 26, 2025, with unauthorized access to IT systems leading to extensive data theft. The Qilin ransomware gang has been linked to numerous attacks globally, particularly targeting healthcare organizations.

MITRE ATT&CK Techniques:

• T1071.001 - Application Layer Protocol: Web Protocols (Command and Control)
• T1486 - Data Encrypted for Impact (Impact)

IOCs Mentioned: None mentioned