The U.S. healthcare services business Welltok revealed a data breach that affected around 8.5 million patients.
The business was one among the targets of a widespread hacking campaign that took advantage of a zero-day vulnerability in the MOVEit Transfer programme.
The exposed information includes patient information, including phone numbers, physical addresses, email addresses, and full names. Threat actors also obtained specific health insurance details, Medicare/Medicaid ID numbers, and Social Security numbers (SSNs) for some of the affected individuals.
The following organisations, on behalf of which Welltok is delivering notice to affected individuals, are Asuris Northwest Health, BridgeSpan Health, Blue Cross and Blue Shield of Minnesota, Blue Cross and Blue Shield of Alabama, Blue Cross and Blue Shield of Kansas, Blue Cross and Blue Shield of North Carolina, Corewell Health, Faith Regional Health Services, Mass General, Brigham Health Plan, Priority Health, Regence BlueCross BlueShield of Oregon, Regence BlueShield, Regence BlueCross BlueShield of Utah, Regence Blue Shield of Idaho, St. Bernards Healthcare, and Sutter Health.
Source: https://securityaffairs.com/154663/data-breach/welltok-data-breach-11m-patients.html
TPRM report: https://scoringcyber.rankiteo.com/company/frhs
"id": "fai40271123",
"linkid": "frhs",
"type": "Data Leak",
"date": "11/2023",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'customers_affected': 8500000,
'industry': 'Healthcare',
'location': 'United States',
'name': 'Welltok',
'type': 'Healthcare Services'},
{'industry': 'Healthcare',
'name': 'Asuris Northwest Health',
'type': 'Healthcare'},
{'industry': 'Healthcare',
'name': 'BridgeSpan Health',
'type': 'Healthcare'},
{'industry': 'Healthcare',
'name': 'Blue Cross and Blue Shield of Minnesota',
'type': 'Healthcare'},
{'industry': 'Healthcare',
'name': 'Blue Cross and Blue Shield of Alabama',
'type': 'Healthcare'},
{'industry': 'Healthcare',
'name': 'Blue Cross and Blue Shield of Kansas',
'type': 'Healthcare'},
{'industry': 'Healthcare',
'name': 'Blue Cross and Blue Shield of North Carolina',
'type': 'Healthcare'},
{'industry': 'Healthcare',
'name': 'Corewell Health',
'type': 'Healthcare'},
{'industry': 'Healthcare',
'name': 'Faith Regional Health Services',
'type': 'Healthcare'},
{'industry': 'Healthcare',
'name': 'Mass General',
'type': 'Healthcare'},
{'industry': 'Healthcare',
'name': 'Brigham Health Plan',
'type': 'Healthcare'},
{'industry': 'Healthcare',
'name': 'Priority Health',
'type': 'Healthcare'},
{'industry': 'Healthcare',
'name': 'Regence BlueCross BlueShield of Oregon',
'type': 'Healthcare'},
{'industry': 'Healthcare',
'name': 'Regence BlueShield',
'type': 'Healthcare'},
{'industry': 'Healthcare',
'name': 'Regence BlueCross BlueShield of Utah',
'type': 'Healthcare'},
{'industry': 'Healthcare',
'name': 'Regence Blue Shield of Idaho',
'type': 'Healthcare'},
{'industry': 'Healthcare',
'name': 'St. Bernards Healthcare',
'type': 'Healthcare'},
{'industry': 'Healthcare',
'name': 'Sutter Health',
'type': 'Healthcare'}],
'attack_vector': 'Zero-day vulnerability in the MOVEit Transfer programme',
'data_breach': {'number_of_records_exposed': 8500000,
'personally_identifiable_information': ['phone numbers',
'physical addresses',
'email addresses',
'full names',
'Medicare/Medicaid ID '
'numbers',
'Social Security '
'numbers (SSNs)'],
'type_of_data_compromised': ['patient information',
'phone numbers',
'physical addresses',
'email addresses',
'full names',
'health insurance details',
'Medicare/Medicaid ID numbers',
'Social Security numbers '
'(SSNs)']},
'description': 'The U.S. healthcare services business Welltok revealed a data '
'breach that affected around 8.5 million patients. The '
'business was one among the targets of a widespread hacking '
'campaign that took advantage of a zero-day vulnerability in '
'the MOVEit Transfer programme. The exposed information '
'includes patient information, including phone numbers, '
'physical addresses, email addresses, and full names. Threat '
'actors also obtained specific health insurance details, '
'Medicare/Medicaid ID numbers, and Social Security numbers '
'(SSNs) for some of the affected individuals. The following '
'organisations, on behalf of which Welltok is delivering '
'notice to affected individuals, are Asuris Northwest Health, '
'BridgeSpan Health, Blue Cross and Blue Shield of Minnesota, '
'Blue Cross and Blue Shield of Alabama, Blue Cross and Blue '
'Shield of Kansas, Blue Cross and Blue Shield of North '
'Carolina, Corewell Health, Faith Regional Health Services, '
'Mass General, Brigham Health Plan, Priority Health, Regence '
'BlueCross BlueShield of Oregon, Regence BlueShield, Regence '
'BlueCross BlueShield of Utah, Regence Blue Shield of Idaho, '
'St. Bernards Healthcare, and Sutter Health.',
'impact': {'data_compromised': ['patient information',
'phone numbers',
'physical addresses',
'email addresses',
'full names',
'health insurance details',
'Medicare/Medicaid ID numbers',
'Social Security numbers (SSNs)']},
'title': 'Welltok Data Breach',
'type': 'Data Breach',
'vulnerability_exploited': 'Zero-day vulnerability'}