In July 2025, the New England-based Covenant Health organization reported a data breach that initially only affected 7,864. However, further analysis revealed a much larger breach, boosting that number to nearly 500,000.
According to the provider (via Bleeding Computer), 478,188 patients were impacted by the breach, which was discovered back in May. Covenant Health is a Catholic healthcare provider out of Massachusetts that operates hospitals, nursing homes, and rehab centers across New England and Pennsylvania.
How we got here
A ransomware attack was discovered by Covenant Health on May 26, 2025 which revealed that a hacker had breached its systems a few days earlier on May 18 and gained access to patient information.
The Qilin ransomware group claimed responsibility for the attack in June saying it had stolen 852GB of data made up of nearly 1.35 million files. Qilin is a long-running ransomware group that has been in operation since at least 2022.
In a notice of data security incident, Covenant has said that sensitive information including addresses, dates of birth, Social Security numbers and treatment information was potentially exposed. Then in a letter sent out to impacted individuals, the company explained that it used a third-party forensic specialist to investigate the breach and discovered the extensive leak.
Covenant Health noted that the "the review is ongoing," though a timeline for how long that will take was not provided. The company did say that it has strengthened its security systems to prevent future breaches.
How to stay safe after a data breach
While Covenant Health is regional to New England, its breach was just one of many suffered by healthcare providers last year. We doubt that trend will slow down in 2026, so it's a good idea to know what to do if you are impacted by a data breach.
First off, you'll want to keep an eye on your mailbox (the physical one, not your email), in case the impacted company sends a data breach notification letter which will detail exactly what types of data were exposed. Additionally, most companies will provide free access to one of the best identity theft protection services for a certain period of time, usually 12 to 24 months.
If they do, you should definitely take advantage of this offer. Credit monitoring and identity restoration can be crucial if your personal or financial information is leaked. In this case, Covenant is offering a year's subscription to Experian IdentityWorks, which includes ID theft protection.
You will also want to be on the lookout for targeted phishing attacks. Pay attention when checking your email and messages as hackers will often use this stolen info to try and trick you into giving out even more. They could also try to infect your devices with malware, so don't click on any links or download attachments from unknown senders.
Finally, you always want to protect yourself from malware and other online threats by using the best antivirus software on your PC and the best Mac antivirus software on your Apple computer. Both operating systems come with free, built-in antivirus software but paid solutions often include useful extras like a VPN or a password manager too.
Last year saw a string of healthcare industry data breaches, and it's likely we'll see even more in 2026. Unfortunately, once your data is in a company's hands, there's not much you can do. However, you can protect yourself with immediate action once a breach has been discovered.
Follow Tom's Guide on Google News and add us as a preferred source to get our up-to-date news, analysis, and reviews in your feeds.
More from Tom's Guide
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
