Covenant Health (Catholic healthcare network serving Massachusetts, Maine, New Hampshire, Pennsylvania, Rhode Island, and Vermont) detected unauthorized activity on May 26, 2025, with the breach beginning May 18. The Qilin ransomware group claimed responsibility in late June 2025, stating 852 GB of data (~1.35 million files) were exfiltrated. Initial disclosure to regulators listed only 7,800 individuals; the final count was updated to 478,188 patients in December 2025 with notifications mailed beginning December 31. Exposed data included names, addresses, dates of birth, medical record numbers, Social Security numbers, treatment details, and health insurance information.