Welltok data breach exposes data of 8.5 million US patients

Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. Welltok works with health service providers across the U.S., maintaining online wellness programs, holding databases with personal patient data, generating predictive analytics, and supporting healthcare needs like medication adherence and pandemic response. Earlier this year, the Clop ransomware gang exploited a zero-day vulnerability in the MOVEit software to breach thousands of organizations worldwide, following up with extortion demands and data leaks impacting over 77 million people. Welltok published a notice of a data incident in late October, warning that its MOVEit Transfer server was breached on July 26, 2023. This occurred despite applying the security updates as soon as those were made available by the vendor. Patient data was exposed during the breach, including full names, email addresses, physical addresses, and telephone numbers. For some, it also includes Social Security Numbers, Medicare/Medicaid ID numbers, and certain Health Insurance information. Initial estimates about the number of impacted individuals varied as Welltok didn't immediately disclose this information. Earlier today, the firm reported on the U.S. Department of Health and Human Services breach portal that the data breach has been confirmed to impact 8,493,379 people. This figure places the Welltok breach as the second largest MOVEit data breach after services contractor Maximus, whose data breach affected 11 million people. Auto parts giant AutoZone warns of MOVEit data breach. Maine govt notifies 1.3 million people of MOVEit data breach. Sony confirms data breach impacting thousands in the U.S. BORN Ontario child registry data breach affects 3.4 million people. McLaren Health Care says data breach impacted 2.2 million people.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000

Cyber News related to Welltok data breach exposes data of 8.5 million US patients

Welltok Data Breach: 8.5M US Patients' Information Exposed - In a recent cybersecurity incident, Welltok, a leading healthcare Software as a Service provider, reported unauthorized access to its MOVEit Transfer server, affecting the personal information of approximately 8.5 million patients in the United ...
11 months ago Securityboulevard.com

Welltok data breach exposes data of 8.5 million US patients - Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. Welltok works with health service ...
11 months ago Bleepingcomputer.com

MOVEit victim count latest: 2.6K+ orgs, 77M+ people The Register - Quick show of hands: whose data hasn't been stolen in the mass exploitation of Progress Software's vulnerable MOVEit file transfer application? Anyone? According to security shop Emsisoft, 2,620 organizations and more than 77 million individuals have ...
11 months ago Theregister.com

Integris Health patients get extortion emails after cyberattack - Integris Health patients in Oklahoma are receiving blackmail emails stating that their data was stolen in a cyberattack on the healthcare network, and if they did not pay an extortion demand, the data would be sold to other threat actors. Integris ...
10 months ago Bleepingcomputer.com

Delta Dental says data breach exposed info of 7 million people - Delta Dental of California is warning almost seven million patients that they suffered a data breach after personal data was exposed in a MOVEit Transfer software breach. Delta Dental is a dental insurance provider that covers 85 million people ...
11 months ago Bleepingcomputer.com

Delta Dental of California data breach exposed info of 7 million people - Delta Dental of California and its affiliates are warning almost seven million patients that they suffered a data breach after personal data was exposed in a MOVEit Transfer software breach. Delta Dental of California is a dental insurance provider ...
11 months ago Bleepingcomputer.com

Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
10 months ago Securityboulevard.com

1 million Corewell Health patients could be impacted by second data breach - GRAND RAPIDS, MI - About one million Corewell Health patients in southeast Michigan may have had their personal and medical information exposed in yet another nationwide data breach. Michigan Attorney General Dana Nessel on Tuesday, Dec. 26, ...
10 months ago Mlive.com

Healthcare software provider data breach impacts 2.7 million - ESO Solutions, a provider of software products for healthcare organizations and fire departments, disclosed that data belonging to 2.7 million patients has been compromised as a result of a ransomware attack. According to the notification, the ...
11 months ago Bleepingcomputer.com

Data breach at healthcare tech firm impacts 4.5 million patients - HealthEC LLC, a provider of health management solutions, suffered a data breach that impacts close to 4.5 million individuals who received care through one of the company's customers. HealthEC provides a population health management platform that ...
10 months ago Bleepingcomputer.com

Data Breach Response: A Step-by-Step Guide - In today's interconnected world, organizations must be prepared to respond swiftly and effectively in the face of a data breach. To navigate these challenges, a well-defined and comprehensive data breach response plan is essential. Let's explore the ...
9 months ago Securityzap.com

PJ&A says cyberattack exposed data of nearly 9 million patients - PJ&A is warning that a cyberattack in March 2023 exposed the personal information of almost nine million patients. PJ&A provides medical transcription services to healthcare organizations in the United States. The company said the threat actors ...
11 months ago Bleepingcomputer.com

Ardent hospital ERs disrupted in 6 states after ransomware attack - Ardent Health Services, a healthcare provider operating 30 hospitals across six U.S. states, disclosed today that its systems were hit by a ransomware attack on Thursday. It had to take its entire network offline, notify law enforcement, and hire ...
11 months ago Bleepingcomputer.com

Console & Associates, P.C.: ESO Solutions Notifies 2.7M of Data Breach - PRESS RELEASE. MARLTON, N.J., Dec. 20, 2023 /PRNewswire/ - Approximately 2.7 million patients are being notified that their Social Security numbers and other confidential information were compromised when an unauthorized party gained access to ESO ...
11 months ago Darkreading.com

Dakota Eye Institute Files Notice of Data Breach Affecting More Than 107k Individuals - On October 23, 2023, the Dakota Eye Institute filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering that patients' personal information was compromised following a cyberattack. ...
11 months ago Jdsupra.com

Mint Mobile discloses new data breach exposing customer data - Mint Mobile has disclosed a new data breach that exposed the personal information of its customers, including data that can be used to perform SIM swap attacks. Mint is a mobile virtual network operator owned by T-Mobile, offering budget, pre-paid ...
10 months ago Bleepingcomputer.com

WebTPA data breach impacts 2.4 million insurance policyholders - The WebTPA Employer Services data breach disclosed earlier this month is impacting close to 2.5 million individuals, the U.S. Department of Health and Human Services notes. Some of the impacted people are customers at large insurance companies such ...
6 months ago Bleepingcomputer.com

Sav-Rx discloses data breach impacting 2.8 million Americans - Prescription management company Sav-Rx is warning over 2.8 million people in the United States that it suffered a data breach, stating that their personal data was stolen in a 2023 cyberattack. A&A Services, doing business as Sav-RX, is a pharmacy ...
5 months ago Bleepingcomputer.com

Dell warns of data breach, 49 million customers allegedly affected - Dell is warning customers of a data breach after a threat actor claimed to have stolen information for approximately 49 million customers. The computer maker began emailing data breach notifications to customers yesterday, stating that a Dell portal ...
6 months ago Bleepingcomputer.com

Data breaches at Viamedis and Almerys impact 33 million in France - Data breaches at two French healthcare payment service providers, Viamedis and Almerys, have now been determined to impact over 33 million people in the country. Viamedis and Almerys provide healthcare and insurance services in France with ...
9 months ago Bleepingcomputer.com

Data breach at French healthcare services firm puts millions at risk - French healthcare services firm Viamedis suffered a cyberattack that exposed the data of policyholders and healthcare professionals in the country. Though the company's website remains offline at the time of writing, an announcement was posted on ...
9 months ago Bleepingcomputer.com

Data breach debacle hits yet another UK public sector org The Register - More than 22,000 patients of Cambridge University Hospitals NHS Foundation Trust were hit by data leaks that took place between 2020 and 2021. In both cases, it was an own goal when the org handed over the data itself while responding to requests ...
11 months ago Go.theregister.com

FTC orders Blackbaud to boost security after massive data breach - Blackbaud has settled with the Federal Trade Commission after being charged with poor security and reckless data retention practices, leading to a May 2020 ransomware attack and a data breach affecting millions of people. Blackbaud is a U.S.-based ...
9 months ago Bleepingcomputer.com

How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
1 month ago Aws.amazon.com

Ransomware gang behind threats to Fred Hutch cancer patients - The Hunters International ransomware gang claimed to be behind a cyberattack on the Fred Hutchinson Cancer Center that resulted in patients receiving personalized extortion threats. Fred Hutch is a Seattle-based cancer research and patient care and ...
11 months ago Bleepingcomputer.com

Latest Cyber News

CVE-2024-52739 - 17 hours ago
CVE-2018-9483 - 17 hours ago
CVE-2018-9485 - 17 hours ago
CVE-2018-9487 - 17 hours ago
CVE-2018-9470 - 17 hours ago
CVE-2018-9472 - 17 hours ago
CVE-2018-9477 - 17 hours ago
CVE-2024-11492 - 18 hours ago
CVE-2024-52770 - 18 hours ago
CVE-2024-52796 - 18 hours ago
CVE-2024-52769 - 18 hours ago
CVE-2024-51162 - 18 hours ago
CVE-2024-52725 - 18 hours ago
CVE-2024-11491 - 18 hours ago
CVE-2024-11490 - 18 hours ago
CVE-2024-11488 - 19 hours ago
CVE-2024-11486 - 19 hours ago
CVE-2024-11487 - 19 hours ago
CVE-2024-11485 - 19 hours ago
CVE-2024-52471 - 20 hours ago

Cyber Trends (last 7 days)

Okta - 11 months ago
23andMe - 11 months ago
Kimsuky - 11 months ago
LogoFAIL - 11 months ago
Gh0st rat - 11 months ago

Trending Cyber News (last 7 days)

CVE-2024-52282 - 2 days ago
CVE-2024-11278 - 1 day ago
CVE-2024-9653 - 1 day ago
CVE-2024-10515 - 1 day ago
CVE-2024-52614 - 1 day ago
CVE-2024-9239 - 1 day ago
CVE-2024-10855 - 1 day ago
CVE-2024-10899 - 1 day ago
CVE-2024-10900 - 1 day ago
CVE-2024-11277 - 1 day ago
CVE-2024-48895 - 1 day ago
CVE-2024-47865 - 1 day ago
CVE-2024-52033 - 1 day ago
CVE-2024-11176 - 1 day ago
CVE-2024-10126 - 1 day ago
CVE-2024-10127 - 1 day ago
CVE-2024-11179 - 1 day ago
CVE-2024-11494 - 1 day ago
CVE-2024-10665 - 1 day ago
CVE-2024-10891 - 1 day ago