Welltok cyberattack hits 1M Corewell patients Priority Health members
pMore than 1 million Michiganders were affected by a cybersecurity breach at Welltok Inc a software company contracted to provide communication services for Corewell Healths southeastern Michigan properties along with a healthy lifestyle portal for Priority Health an insurance plan owned by CorewellppFor about 2500 Priority Health members names addresses and health insurance identification numbers were compromised the health plan said in a statementppFor about 1 million Corewell Health patients the compromised data includes names dates of birth email addresses phone numbers medical diagnoses health insurance information and Social Security numbersppWelltok which is owned by Virgin Pulse sent letters earlier this month to people affected by the massive breach According to the US Department of Health and Human Services Office for Civil Rights which publishes a list of all breaches of protected health information that are under investigation involving 500 or more people the Welltok cyberattack affected 8493379 peopleppThose affected included people who have received health care or insurance provided by the following companies according to WelltokppIn a statement Welltok said it takes this incident very seriously and recommends credit monitoring for those affected by the breach which occurred May 30 when a cyberattacker exploited software vulnerabilities on the MOVEit Transfer server which is supposed to provide the secure digital transfer of sensitive information including protected health informationppWelltok said it had installed all the required MOVEit Transfer security upgrades and patches as soon as they were available and conducted an examination of its networks and systems to identify any potential for compromised data It wasnt until Aug 11 after the company hired thirdparty cybersecurity specialists and reconstructed its systems and historical data that the breach was discoveredppWhile we have no evidence that any of your information has been misused we are notifying you and providing information and resources to help protect your personal information Welltok said in a statementppThe following types of information may have impacted name and address telephone number email address The type of information at issue varies for each person For a small group of impacted clients Social Security numbers MedicareMedicaid ID numbers or certain health insurance information such as plan or group name were also implicated For other individuals certain health information such as a provider name prescription name or treatment code may have been includedppWelltok opened a dedicated assistance line at 8006282141 to help address any questions people may haveppThe HIPAA Journal reported that the cyberattack at Welltok is the fourthlargest health care data breach in the US this year The US Department of Health and Human Services reported that data breaches among health care organizations more than doubled from 2019 to 2021 And in 2022 at least 285 million health care records were breachedppIn Michigan alone several have been reported in recent months including one that affected 25 million patients of McLaren Health CareppA ransomware attack took down the computer network at McLarens 14 Michigan hospitals in late August and early September The health system acknowledged in October that it also could have leaked some patient data onto the dark web A ransomware gang known as BlackCatAlphV claimed responsibility for the cyberattack posting online that it stole 6 terabytes of McLarens datappAnd in late August the University of Michigan shut down its campus computer network after a hacker got access to the personal information of students and applicants alumni and donors employees and contractors as well as the personal health information of research study participants and patients of the University Health Service and the School of DentistryppMore Increasingly common health care cyberattacks now even target patients with ransomppThe data that was compromised in the UM cyberattack varied but for some included Social Security numbers drivers license or other governmentissued ID numbers financial account and payment card numbers For others it also included medical record numbers diagnoses treatment or medication history and other clinical informationppContact Kristen Shamus kshamusfreepresscom Subscribe to the Free Pressp