November 25, 2024

Welltok hack exposed the personal data of around 8.5 million patients in the US

[ad_1]

Welltok, a healthcare SaaS provider, has alerted its customers that hackers breached MOVEit, the file transfer program used by the company, which resulted in a data theft attack that exposed the personal data of almost 8.5 million US patients.
Earlier this year, the Clop ransomware gang took advantage of a zero-day vulnerability in the MOVEit software to breach thousands of organisations worldwide.They followed up with extortion demands and data leaks that affected over 77 million individuals.
The company collaborates with healthcare service providers across the United States, providing online wellness programs, holding databases with personal patient data, generating predictive analytics, and supporting healthcare needs such as medication adherence and pandemic response.
The data breach took place on July 26, 2023, as told by the company. As a result of this breach, patient data was exposed, including full names, email addresses, physical addresses, and telephone numbers.
Initially, there were varying estimates on the number of individuals affected by the Welltok data breach as the company did not immediately disclose the information. However, the firm has now confirmed through the US Department of Health and Human Services breach portal that 8,493,379 people were impacted by the breach.
For some patients, the breach resulted in the exposure of sensitive information such as Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information.
The breach had an impact on institutions in several states, such as Minnesota, Alabama, Kansas, North Carolina, Michigan, Nebraska, Illinois, and Massachusetts.
The following healthcare providers were affected: Blue Cross and Blue Shield of Minnesota and Blue Plus, Blue Cross and Blue Shield of Alabama, Blue Cross and Blue Shield of Kansas, Blue Cross and Blue Shield of North Carolina, Corewell Health, Faith Regional Health Services, Hospital & Medical Foundation of Paris, Inc. dba Horizon Health, Mass General Brigham Health Plan, Priority Health, St. Bernards Healthcare, Sutter Health, Trane Technologies Company LLC, and group health plans sponsored by Trane Technologies Company LLC or Trane U.S. Inc., The group health plans of Stanford Health Care, of Stanford Health Care, Lucile Packard Children’s Hospital Stanford, Stanford Health Care Tri-Valley, Stanford Medicine Partners, and Packard Children’s Health Alliance, and The Guthrie Clinic.



[ad_2]

Source link