Cloud Defense Logo

Products

Solutions

Company

Book A Live Demo

Breach
2022
More than 1 million Michiganders affected by Welltok cyberattack

More than 1 million Michiganders affected by Welltok cyberattack

Table of Contents

Incident Details

A cybersecurity breach at Welltok Inc., a software company that offered communication services for Corewell Health's properties in southeastern Michigan and a healthy lifestyle portal for Priority Health, an insurance plan under Corewell, impacted over 1 million individuals in Michigan. Among the affected were approximately 2,500 Priority Health members whose personal information like names, addresses, and health insurance identification numbers was accessed. The breach also exposed data of around 1 million Corewell Health patients, including details such as names, dates of birth, email addresses, phone numbers, medical conditions, health insurance particulars, and Social Security numbers.

Incident

How Did the Breach Happen?

On May 30, a security breach took place as a cyberattacker took advantage of weaknesses in the software of the MOVEit Transfer server. This server is responsible for ensuring the safe and secure transfer of confidential data, such as protected health information.

What Data has been Compromised?

Approximately 2,500 individuals with Priority Health memberships had their names, addresses, and health insurance identification numbers exposed. Additionally, around 1 million patients of Corewell Health had their data compromised, containing details such as names, dates of birth, email addresses, phone numbers, medical diagnoses, health insurance particulars, and Social Security numbers.

Why Did the company's Security Measures Fail?

The security breach was a result of software weaknesses on the MOVEit Transfer server, revealing a lapse in the company's security protocols in promptly detecting and fixing these weaknesses.

What Immediate Impact Did the Breach Have on the company?

Welltok considers the situation with great seriousness and suggests that individuals impacted by the security breach should consider credit monitoring. Moreover, they have shared details and tools to safeguard personal data. Welltok has established a specialized support helpline to assist with any inquiries individuals may have.

How could this have been prevented?

Identifying and addressing software vulnerabilities in a timely manner could have prevented the breach. Conducting routine security evaluations, along with implementing strong cybersecurity protocols, could have reduced the likelihood of such a security incident.

What have we learned from this data breach?

The incident underscores the significance of upholding robust cybersecurity practices and quickly resolving any software weaknesses. It emphasizes the need for companies to give utmost importance to safeguarding confidential information and to consistently assess and enhance their security procedures.

Summary of Coverage

Welltok Inc. experienced a cyberattack that impacted over 1 million residents of Michigan. The breach exposed the personal data of approximately 2,500 members of Priority Health and roughly 1 million patients of Corewell Health due to weaknesses in the software of the MOVEit Transfer server. Welltok has responded to the incident with seriousness, advising those affected to consider enrolling in credit monitoring services. This event highlights the importance of organizations promptly addressing software vulnerabilities and emphasizing cybersecurity protocols.

Is your System Free of Underlying Vulnerabilities?
Find Out Now