Covenant Health Data Breach Exposed Personal Information of Nearly 478,000 Patients

Recently, Covenant Health revealed that almost 500,000 individuals were affected by a data breach that occurred in May, as opposed to the initial report of 7,864 people.

The healthcare organization, based in Andover, Massachusetts, and operating in various locations, including New England and parts of Pennsylvania, disclosed that a significant data breach occurred in May, affecting a total of 478,188 individuals.

Covenant Health provides various healthcare services and facilities, including hospitals, nursing and rehabilitation centers, assisted living residences, and elder care organizations.

Details of the Ransomware Attack

In May 2025, Covenant Health discovered that its systems had been breached by an attacker on May 18, resulting in unauthorized access to patient data.

The Qilin ransomware group later claimed responsibility for the attack in late June, revealing that they had obtained 852 GB of data comprising nearly 1.35 million files.

The compromised information may include personal details such as names, addresses, dates of birth, medical record numbers, Social Security numbers, health insurance information, and treatment specifics.

Covenant Health enlisted third-party forensic experts to assess the extent of the breach and the number of individuals affected, with ongoing investigations to determine the full impact.

The organization has since enhanced its system security measures to prevent future breaches of a similar nature.

As a gesture of goodwill, Covenant Health is offering affected individuals 12 months of free identity protection services to safeguard against potential misuse of their information.

The healthcare entity has initiated the process of sending data breach notification letters to patients affected by the breach, starting from December 31.