Hackers accessed sensitive health data of Welltok patients

Hackers gained unauthorized access to personal data from over a million individuals by exploiting a security flaw in a file transfer tool used by Welltok, the healthcare platform owned by Virgin Pulse. Welltok, based in Denver, is a patient engagement company collaborating with healthcare plans to communicate with subscribers about their health.

The data breach, confirmed in a notification to Maine’s attorney general, affected more than 1.6 million people. Welltok disclosed that hackers accessed sensitive information, including names, dates of birth, addresses, health details, Social Security numbers, Medicare and Medicaid ID numbers, and health insurance information.

Welltok discovered the compromise after the system’s developer disclosed a vulnerability in the MOVEit Transfer server earlier this year. Initially, in July, Welltok found no indication of a compromise, but a subsequent investigation in August revealed that hackers had “exfiltrated certain data.”

The breached data involved group healthcare plans of various organizations, including Stanford Health Care, Lucile Packard Children’s Hospital Stanford, Stanford Health Care Tri-Valley, Stanford Medicine Partners, and Packard Children’s Health Alliance.

However, additional healthcare providers, such as Corewell Health in Michigan, Sutter Health in Sacramento, and St. Bernards in Arkansas, reported being affected, indicating a broader impact than initially disclosed by Welltok.

Welltok’s breach notification website was found to have “noindex” code, which instructs search engines not to list the page, making it harder for affected individuals searching for information to find it.

The breach, attributed to the Clop ransomware gang, is considered one of the largest incidents this year, affecting over 2,600 organizations and an estimated 77 million individuals, with the actual number likely higher as more organizations report incidents.

TheOrcTech has reached out to Welltok for comment but has not received a response at the time of publication.
