November 22, 2023 at 02:09PM
Healthcare SaaS provider, Welltok, has experienced a data breach, compromising the personal data of nearly 8.5 million patients in the U.S. The breach occurred after their file transfer program was hacked. Welltok offers services to health service providers, including maintaining online wellness programs and holding patient data. The breach involved the exposure of patient information such as names, addresses, and phone numbers, and for some, Social Security Numbers and health insurance information. The breach impacted various healthcare providers in different states. This breach is the second largest MOVEit data breach.
Summary:
Welltok, a healthcare SaaS provider, experienced a data breach that exposed the personal data of approximately 8.5 million patients in the U.S. The breach occurred due to a hack on the company’s file transfer program. Welltok collaborates with health service providers to maintain online wellness programs, databases with patient data, predictive analytics, and support healthcare needs. The breach occurred despite the company applying security updates promptly. The compromised data includes full names, email addresses, physical addresses, telephone numbers, and for some individuals, Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health Insurance information. The breach impacted various healthcare providers in states such as Minnesota, Alabama, Kansas, North Carolina, Michigan, Nebraska, Illinois, and Massachusetts. Welltok confirmed the breach impacted 8,493,379 people, making it the second-largest MOVEit data breach after Maximus.