Updated June 25, 2025: Qilin gang has claimed responsibility for the attack and has posted proof of claims on its leak site. The proof of claims appears to be from personnel/internal files.
News Center Maine reports:
A cyber incident affecting several hospitals in Maine is now under investigation.
Covenant Health shared with NEWS CENTER Maine that it became aware of connectivity issues impacting the organization on Monday. The health care system said it immediately discontinued access to all data systems across its hospitals, clinics, and provider practices.
Covenant owns St. Joseph Hospital in Bangor, St. Mary’s Health System in Lewiston, and St. Andre Health Care in Biddeford, as well as other facilities in Lewiston and Bangor.
The organization said the issues were the result of a “cyber incident initiated from an outside group.”
Read more at News Center Maine. St. Joseph’s Hospital in Bangor, Maine has already acknowledged that that the incident is a “cyberattack.” Other information, described below, suggests this may be a ransomware attack.
St. Joseph’s Hospital in Nashua, New Hampshire is also a Covenant Health Facility. Their home page indicates the disruption due to a cyberattack. A notice posted May 27 that still appears on their home page today indicates that all outpatient labs are closed:
Due to a temporary system issue, we are adjusting our outpatient lab services today, May 27th. For the time being, labs will only be available at our main hospital campus, and services can be provided only with a physical order in hand.
Another notice on its home page indicates phone services and internet access is impacted.
Covenant Health has facilities throughout New England. There is nothing on Covenant’s website about any cyberattack.