Covenant Health recently updated the total number of individuals impacted by a major data security incident to 478,188. This figure represents a massive increase from the preliminary report issued in July, which suggested that only 7,864 people had been compromised. The organization, which operates a network of Catholic healthcare facilities including hospitals and elder care centers across New England and Pennsylvania, reached this new conclusion after finishing the primary phase of its data investigation.

The security breach was first detected on May 26, 2025, when the healthcare provider discovered that an unauthorized party had infiltrated its digital infrastructure. Further investigation determined that the actual breach occurred on May 18, giving the attackers over a week of access to sensitive patient information. This timeline allowed the intruders to navigate the systems before any defensive measures could be implemented.

GET 50% Discount for VPN/ANTIVIRUS SOFTWARE AT 911Cyber - CODE: bit5025

The Qilin ransomware group eventually claimed responsibility for the cyberattack during the final days of June. The group publicly asserted that it had successfully exfiltrated 852 gigabytes of private data from the provider’s servers. This massive haul reportedly included nearly 1.35 million individual files, though the specific nature of every file has been subject to ongoing internal review by the health system.

The discrepancy between the initial reporting and the current figures highlights the complexity of modern data forensic investigations. Covenant Health has spent months analyzing the exposed datasets to determine exactly whose information was contained within the stolen files. As a Catholic healthcare provider managing a diverse range of services from rehabilitation to assisted living, the breadth of the data involved spans multiple types of patient and resident records.

Affected individuals are being notified as the organization continues to manage the fallout from the cyberattack. The incident underscores the persistent threat ransomware groups pose to the healthcare sector, specifically through the theft and threatened release of confidential medical data. Covenant Health continues to work through the final stages of its analysis to ensure all regulatory requirements are met and all impacted parties are identified.

Source: Covenant Health Says May Data Breach Impacted Nearly 478000 Patients