- The Covenant Health cyberattack in May 2025 affected many more patients than expected: nearly 500,000 instead of 8,000.
- The stolen data included names, addresses, dates of birth, social security numbers, health insurance details and treatment information.
- The Russian-speaking group Qilin claimed responsibility, disclosing 852 GB of files; Covenant offers victims 12 months of identity theft protection
The May 2025 cyberattack affecting Covenant Health is now believed to be much more destructive than initially thought, as the number of people affected appears to have increased significantly.
Covenant Health is a Catholic healthcare provider based in the United States. It operates hospitals, nursing and rehabilitation centers, as well as assisted living facilities and senior care organizations.
At the end of May 2025, the organization learned that a week earlier, it had been attacked by cybercriminals who stole sensitive data on its patients. Initial reports, published in July, put around 8,000 people affected.
Qilin takes responsibility
However, in an update to the report filed with the Maine Attorney General’s Office, released earlier this week, Covenant Health said the true number is closer to 500,000:
“Since the notice sent to your office in July, Covenant Health has continued to analyze the affected data and has completed the bulk of its data analysis. The implicated data included patient names and one or more of the following: addresses, dates of birth, medical record numbers, Social Security numbers, health insurance information, and treatment information, such as diagnoses, dates of treatment, and/or type of treatment,” the update said.
Exposed patients are at serious risk of identity theft and fraud due to the personal and sensitive nature of the information.
The organization fell prey to Qilin, a Russian-speaking cybercriminal organization known for its attacks on London hospitals.
An example of the group’s power came in June 2024 when a ransomware attack attributed to Qilin hit Synnovis, a pathology services provider that manages blood testing and diagnostics for several major NHS hospitals in London (including King’s College Hospital and Guy’s & St Thomas’).
The scammers added Covenant Health to their data leak site in late July 2025, claiming to have recovered 852 GB of data, comprising approximately 1.35 million files.
Covenant Health is now offering affected individuals 12 months of free identity theft protection services.
Via BeepComputer
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
