Hackers Access Sensitive Health Data Of Welltok Patients


In a recent data breach, hackers have gained unauthorized access to sensitive personal information of over a million individuals. Welltok, the healthcare platform owned by Virgin Pulse, confirmed the breach in a data breach notification filed with Maine’s attorney general.

Key Takeaway

Hackers gained unauthorized access to the sensitive personal information of over a million individuals in a data breach targeting Welltok, the healthcare platform owned by Virgin Pulse. The breach impacted various healthcare providers, compromising not only the patients’ personal information but also their social security numbers, Medicare and Medicaid ID numbers, and health insurance information. This breach is a reminder of the importance of robust security measures to protect sensitive healthcare data.

The Breach

Welltok discovered that hackers exploited a security vulnerability in its MOVEit Transfer server – a system used to transfer large sets of sensitive data over the internet. This breach allowed the hackers to access personal data such as names, dates of birth, addresses, and health information of more than 1.6 million individuals. Additionally, Social Security numbers, Medicare and Medicaid ID numbers, and health insurance information were also compromised for some patients.

Welltok initially became aware of a potential compromise when the system’s developer published details of a software vulnerability earlier this year. After an initial investigation in July that showed no signs of a breach, a second investigation in August revealed that certain data had been exfiltrated from the MOVEit Transfer server.

Affected Parties

Among the affected healthcare providers are Stanford Health Care, Lucile Packard Children’s Hospital Stanford, Stanford Health Care Tri-Valley, Stanford Medicine Partners, and Packard Children’s Health Alliance. Welltok notified these organizations on October 18th. However, it appears that more healthcare providers and individuals were impacted than initially disclosed. Corewell Health, a healthcare services provider in southeast Michigan, reported that the breach compromised the health information of approximately one million patients and around 2,500 Priority Health members. Sutter Health, a nonprofit healthcare provider based in Sacramento, confirmed that more than 840,000 of its patients were also impacted by the breach. St. Bernards, an Arkansas-based healthcare provider, stated that nearly 90,000 of their patients’ data was compromised.

Scope of the Breach

The MOVEit mass-hacks, claimed by the notorious Clop ransomware gang, have affected over 2,600 organizations to date, with the majority being based in the United States. Cybersecurity firm Emsisoft estimates that more than 77 million individuals have been impacted by these cyberattacks. However, the true number of affected individuals is expected to be significantly higher as more organizations come forward.

Leave a Reply

Your email address will not be published. Required fields are marked *