Ransomware Attack Key Factor in H1 Operating Losses of $102.6 Million for Point32 Health
Point32Health has reported operating losses of $102.7 million for the first 6 months of 2023 on $4.8 billion in revenue, compared to losses of $25.8 million in the first 6 months of 2022 on $4.9 billion in revenue. The $76.9 million difference has largely been attributed to the ransomware attack it detected on April 17, 2023., although details of the actual cost of the attack have not been released.
The attack saw sensitive data exfiltrated from the systems of Harvard Pilgrim Health Care between March 28, 2023, and April 17, 2023, including the HIPAA protected health information of current and former subscribers, their dependents, and current contracted providers. The compromised information included names, Social Security numbers, and taxpayer identification numbers. The breach was reported to the HHS’ Office for Civil Rights as affecting 2,550,922 individuals.
The attack resulted in systems being taken offline for several weeks, including the systems that support the Harvard Pilgrim Health Care Commercial and Medicare Advantage Stride℠ plans (HMO)/(HMO-POS). The recovery process was slow as systems had to be restored in a specific order. It took until late July – three months after the attack was detected – to fully resume normal operations, although it took until August to clear a backlog of 1 million claims that had been delayed due to the cyberattack.
Point32Health’s Chief Financial officer, Scott Walker claims the company is still on a solid financial footing and said the losses due to the cyberattack were transient and one-time in nature; however, Point32Health is likely to continue to face costs from the data breach. Multiple class action lawsuits have been filed over the data breach.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
