Healthcare services provider Welltok disclosed a data breach that impacted nearly 8.5 million patients in the U.S.
The company was one of the victims of the large-scale hacking campaign exploiting a zero-day in MOVEit Transfer software.
Threat actors were able to obtain patient information, including phone numbers, physical addresses, email addresses, and full names. Threat actors also obtained specific health insurance details, Medicare/Medicaid ID numbers, and Social Security numbers (SSNs) for some of the affected individuals.
The following organisations, on behalf of which Welltok is delivering notice to affected individuals, are Asuris Northwest Health, BridgeSpan Health, Blue Cross and Blue Shield of Minnesota, Blue Cross and Blue Shield of Alabama, Blue Cross and Blue Shield of Kansas, Blue Cross and Blue Shield of North Carolina, Corewell Health, Faith Regional Health Services, Mass General, Brigham Health Plan, Priority Health, Regence BlueCross BlueShield of Oregon, Regence BlueShield, Regence BlueCross BlueShield of Utah, Regence Blue Shield of Idaho, St. Bernards Healthcare, and Sutter Health.
Source: https://securityaffairs.com/154663/data-breach/welltok-data-breach-11m-patients.html
TPRM report: https://scoringcyber.rankiteo.com/company/bridgespan-health
"id": "bri353271123",
"linkid": "bridgespan-health",
"type": "Breach",
"date": "11/2023",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Healthcare',
'name': 'Asuris Northwest Health',
'type': 'Healthcare Provider'},
{'industry': 'Healthcare',
'name': 'BridgeSpan Health',
'type': 'Healthcare Provider'},
{'industry': 'Healthcare',
'name': 'Blue Cross and Blue Shield of Minnesota',
'type': 'Healthcare Provider'},
{'industry': 'Healthcare',
'name': 'Blue Cross and Blue Shield of Alabama',
'type': 'Healthcare Provider'},
{'industry': 'Healthcare',
'name': 'Blue Cross and Blue Shield of Kansas',
'type': 'Healthcare Provider'},
{'industry': 'Healthcare',
'name': 'Blue Cross and Blue Shield of North Carolina',
'type': 'Healthcare Provider'},
{'industry': 'Healthcare',
'name': 'Corewell Health',
'type': 'Healthcare Provider'},
{'industry': 'Healthcare',
'name': 'Faith Regional Health Services',
'type': 'Healthcare Provider'},
{'industry': 'Healthcare',
'name': 'Mass General',
'type': 'Healthcare Provider'},
{'industry': 'Healthcare',
'name': 'Brigham Health Plan',
'type': 'Healthcare Provider'},
{'industry': 'Healthcare',
'name': 'Priority Health',
'type': 'Healthcare Provider'},
{'industry': 'Healthcare',
'name': 'Regence BlueCross BlueShield of Oregon',
'type': 'Healthcare Provider'},
{'industry': 'Healthcare',
'name': 'Regence BlueShield',
'type': 'Healthcare Provider'},
{'industry': 'Healthcare',
'name': 'Regence BlueCross BlueShield of Utah',
'type': 'Healthcare Provider'},
{'industry': 'Healthcare',
'name': 'Regence Blue Shield of Idaho',
'type': 'Healthcare Provider'},
{'industry': 'Healthcare',
'name': 'St. Bernards Healthcare',
'type': 'Healthcare Provider'},
{'industry': 'Healthcare',
'name': 'Sutter Health',
'type': 'Healthcare Provider'}],
'attack_vector': 'Exploitation of zero-day vulnerability in MOVEit Transfer '
'software',
'data_breach': {'number_of_records_exposed': '8.5 million',
'personally_identifiable_information': ['full names',
'email addresses',
'physical addresses',
'phone numbers',
'Medicare/Medicaid ID '
'numbers',
'Social Security '
'numbers (SSNs)'],
'type_of_data_compromised': ['phone numbers',
'physical addresses',
'email addresses',
'full names',
'health insurance details',
'Medicare/Medicaid ID numbers',
'Social Security numbers '
'(SSNs)']},
'description': 'Healthcare services provider Welltok disclosed a data breach '
'that impacted nearly 8.5 million patients in the U.S. The '
'company was one of the victims of the large-scale hacking '
'campaign exploiting a zero-day in MOVEit Transfer software. '
'Threat actors were able to obtain patient information, '
'including phone numbers, physical addresses, email addresses, '
'and full names. Threat actors also obtained specific health '
'insurance details, Medicare/Medicaid ID numbers, and Social '
'Security numbers (SSNs) for some of the affected individuals.',
'impact': {'data_compromised': ['phone numbers',
'physical addresses',
'email addresses',
'full names',
'health insurance details',
'Medicare/Medicaid ID numbers',
'Social Security numbers (SSNs)']},
'title': 'Welltok Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'MOVEit Transfer software zero-day vulnerability'}