Hackers breach Clover Health employee accounts
It remains unclear what information, if any, had been compromised.

Image via Shutterstock
- Clover Health said attackers accessed three employee accounts through social engineering; its investigation is still ongoing.
- The accounts could access some personal and health information, but not corporate financial or claims systems.
- Clover Health said it contained the unauthorized access and hired outside cybersecurity experts after detecting unusual logins.
- The company says it expects no material business impact, but it is still reviewing legal notification requirements.
Key Takeaways by nexos.ai, reviewed by Cybernews staff.
US health insurer Clover Health said threat actors gained access to three employee accounts using social engineering techniques. The investigation is currently ongoing.
Clover Health detected unusual login activity on some of its information systems on July 4th. The subsequent investigation revealed that a threat actor gained access to three non-managerial health plan employee accounts, the company said in a regulatory filing on Friday.
The accounts belonged to employees involved in visit-scheduling and broker-facing sales work. Clover Health said they had access “to certain personally identifiable information and protected health information” but not to corporate financial or claims systems.
It’s currently unclear what information, if any, the threat actors were able to access. At this point, the company believes that its response “successfully contained and terminated" the unauthorized activity.
After identifying the incident, Clover Health engaged third-party cybersecurity experts, took steps to contain it, and notified law enforcement.
The company said it doesn’t believe that the incident will have a material impact on its business, financial condition, or results of operations.
Stay updated with our latest stories and follow us on social media
Be the first to discover new stories, ideas, and updates from our team.
“The Company takes the privacy and security of its member data very seriously and has taken, and continues to take, steps to further harden its IT environment. The Company continues to evaluate applicable regulatory and legal notification requirements and will make all required notifications based on its findings, including to impacted Members,” Clover Health said in the filing.
Clover Health provides Medicare Advantage plans primarily to older American customers or younger people who qualify for Medicare. It also operates an AI-powered software platform Clover Assistant designed for primary care physicians.
The disclosure comes a day after Abbott Laboratories revealed it was investigating two separate cyber incidents, one of which may be linked to the notorious hacking gang ShinyHunters.