Vulnerability cyber

TELUS Health (US) Ltd.

May 29, 2023 1 min read
TELUS Health (US) Ltd.

The Maine Office of the Attorney General reported that TELUS Health (US) Ltd. experienced a data breach due to a vulnerability in MOVEit Transfer software, which was exploited between May 29, 2023, and May 30, 2023. The breach potentially compromised personal information of 157 individuals, including Social Security numbers of 2 Maine residents. Notifications to affected individuals began on August 7, 2023, and identity theft protection services were offered for one year through Kroll.

Source: https://www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/78e338aa-43e5-452d-b5a7-dc77d30ee918.shtml

TPRM report: https://www.rankiteo.com/company/telus-health

"id": "tel125072925",
"linkid": "telus-health",
"type": "Vulnerability",
"date": "5/2023",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 157,
                        'industry': 'Healthcare',
                        'name': 'TELUS Health (US) Ltd.',
                        'type': 'Healthcare'}],
 'attack_vector': 'Exploitation of Vulnerability',
 'data_breach': {'number_of_records_exposed': 157,
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal Information',
                                              'Social Security Numbers']},
 'date_publicly_disclosed': '2023-08-07',
 'description': 'The Maine Office of the Attorney General reported that TELUS '
                'Health (US) Ltd. experienced a data breach due to a '
                'vulnerability in MOVEit Transfer software, which was '
                'exploited between May 29, 2023, and May 30, 2023. The breach '
                'potentially compromised personal information of 157 '
                'individuals, including Social Security numbers of 2 Maine '
                'residents. Notifications to affected individuals began on '
                'August 7, 2023, and identity theft protection services were '
                'offered for one year through Kroll.',
 'impact': {'data_compromised': ['Personal Information',
                                 'Social Security Numbers'],
            'identity_theft_risk': 'High'},
 'references': [{'source': 'Maine Office of the Attorney General'}],
 'response': {'communication_strategy': 'Notifications to affected individuals',
              'third_party_assistance': 'Kroll'},
 'title': 'TELUS Health (US) Ltd. Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'MOVEit Transfer software vulnerability'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.