The list of MOVEit victims has continued to grow and healthcare provider Welltok can now be added to it.
TechCrunch found that the company began sending breach notices to affected customers after filing a breach notice with the Maine Attorney General detailing how, despite an initial investigation showing no evidence of compromise, a second analysis found unauthorized access which was made possible via the MOVEit vulnerability.
Welltok also published an announcement on its website, claiming that hackers had stolen Social Security numbers (SSN), Medicare and Medicaid ID numbers and, for some patients, health insurance information, along with names, dates of birth, mailing addresses and healthcare information. , which would affect a total of approximately 1.6 million people.
More victims
The incident affected group health care plans for Stanford Health Care, Lucile Packard Children’s Hospital Stanford, Stanford Health Care Tri-Valley, Stanford Medicine Partners and Packard Children’s Health Alliance, the company added.
TechCrunch also believes that Welltok may not have listed all affected customers. It discovered Corewell Health, Sutter Health and St. Bernards, all of which recently confirmed data breaches, and all three reportedly used Welltok for patient communications.
The company, which was acquired by Virgin Pulse in November 2021, is a patient engagement company that encourages users to connect with their healthcare providers via text, email, social media and the like.
In late May 2023, cybersecurity researchers identified that MOVEit, a well-known managed file transfer product, contained a major vulnerability that allowed hackers to steal sensitive data.
MOVEit was used by many organizations around the world, including SMBs and large enterprises, and newer estimates suggest that more than 2,500 companies may have been affected by the breach. The attack, the aftermath of which is still being discovered, saw sensitive data belonging to more than 60 million people stolen.
