Corewell Health and Pinnacle Holdings LTD: Thousands of Corewell Health patients affected by security breach

Corewell Health Data Breach Exposes Personal Information of 19,000 Patients

Corewell Health disclosed a 2024 security breach affecting approximately 19,000 patients, following a notification from Pinnacle Holdings LTD, a Colorado-based vendor that previously provided healthcare consulting services. The compromised data includes sensitive personal and medical information, such as names, addresses, Social Security numbers, driver’s license details, dates of birth, medical diagnoses, prescription records, treatment information, and in some cases, biometric data and digital signatures.

Corewell Health completed a review to identify impacted individuals and confirmed that Pinnacle has mailed notification letters to those affected. While no fraudulent activity has been reported, the breach was reported to law enforcement, and the responsible party remains unidentified. Pinnacle has implemented additional security measures and is offering free credit monitoring and identity protection services to affected individuals.

This incident follows two major breaches in late 2023, where cyberattacks on Corewell’s vendors Welltok, Inc. and HealthEC LLC exposed the data of over 1 million patients each. The repeated breaches highlight ongoing vulnerabilities in third-party vendor security within the healthcare sector.

Source: https://www.detroitnews.com/story/business/2026/03/27/thousands-of-corewell-health-patients-affected-by-security-breach/89354927007/

Oleen Pinnacle Healthcare Consulting cybersecurity rating report: https://www.rankiteo.com/company/oleen-pinnacle-healthcare-consulting

Corewell Health cybersecurity rating report: https://www.rankiteo.com/company/corewell-health

"id": "OLECOR1774664850",
"linkid": "oleen-pinnacle-healthcare-consulting, corewell-health",
"type": "Breach",
"date": "3/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': '19,000',
                        'industry': 'Healthcare',
                        'location': 'United States',
                        'name': 'Corewell Health',
                        'type': 'Healthcare Provider'},
                       {'industry': 'Healthcare Consulting',
                        'location': 'Colorado, United States',
                        'name': 'Pinnacle Holdings LTD',
                        'type': 'Vendor'}],
 'customer_advisories': 'Free credit monitoring and identity protection '
                        'services offered to affected individuals',
 'data_breach': {'number_of_records_exposed': '19,000',
                 'personally_identifiable_information': ['Names',
                                                         'Addresses',
                                                         'Social Security '
                                                         'numbers',
                                                         'Driver’s license '
                                                         'details',
                                                         'Dates of birth',
                                                         'Biometric data',
                                                         'Digital signatures'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal Information',
                                              'Medical Information']},
 'date_detected': '2024',
 'date_publicly_disclosed': '2024',
 'description': 'Corewell Health disclosed a 2024 security breach affecting '
                'approximately 19,000 patients, following a notification from '
                'Pinnacle Holdings LTD, a Colorado-based vendor that '
                'previously provided healthcare consulting services. The '
                'compromised data includes sensitive personal and medical '
                'information, such as names, addresses, Social Security '
                'numbers, driver’s license details, dates of birth, medical '
                'diagnoses, prescription records, treatment information, and '
                'in some cases, biometric data and digital signatures.',
 'impact': {'data_compromised': 'Sensitive personal and medical information, '
                                'including names, addresses, Social Security '
                                'numbers, driver’s license details, dates of '
                                'birth, medical diagnoses, prescription '
                                'records, treatment information, biometric '
                                'data, and digital signatures',
            'identity_theft_risk': 'High'},
 'investigation_status': 'Ongoing',
 'lessons_learned': 'Ongoing vulnerabilities in third-party vendor security '
                    'within the healthcare sector',
 'post_incident_analysis': {'corrective_actions': 'Additional security '
                                                  'measures implemented by '
                                                  'Pinnacle Holdings LTD',
                            'root_causes': 'Third-party vendor security '
                                           'vulnerabilities'},
 'references': [{'source': 'Corewell Health Disclosure'}],
 'response': {'communication_strategy': 'Notification letters mailed to '
                                        'affected individuals',
              'law_enforcement_notified': 'Yes',
              'remediation_measures': 'Additional security measures '
                                      'implemented by Pinnacle Holdings LTD'},
 'title': 'Corewell Health Data Breach Exposes Personal Information of 19,000 '
          'Patients',
 'type': 'Data Breach'}