• Advertise
  • Subscribe
  • Forums
  • Buyer's Guide
  • Contact Us
  • Connect on LinkedIn
    1. Cybersecurity

    AG: Corewell Health reports another data breach affects 1 million patients

    Dec. 28, 2023
    According to the state Attorney General's Office, those impacted are serviced by Corewell Health vendor HealthEC.

    By Aileen Wingblad

    Source The Oakland Press, Sterling Heights, Mich.

    The Oakland Press
    corewell_health_photo

    Dec. 27 — A cyber security breach at Corewell Health has reportedly affected more than one million Michigan residents.

    According to the state Attorney General's Office, those impacted are serviced by Corewell Health vendor HealthEC. Letters informing those affected were mailed out by HealthEC on Dec. 22, the AG's Office said.

    Data impacted by the breach could vary among patients and include:

    — Name, address, date of birth

    — Social Security number, medical record number, Medicaid and/or Medicare information

    — Health insurance information such as diagnosis/diagnosis code, mental/physical condition, prescription information including provider's name

    — Billing and claims information including patient account number, patient identification number, treatment cost information

    A smaller number of patients were also impacted through Beaumont ACO, which has a separate contract with HealthEC. Those affected may receive two notice letters, though the data affected is reportedly the same for both Beaumont ACO and Corewell Health.

    The AG's Office said it was contacted by Corewell Health about the breach ahead of its public announcement though that isn't required by Michigan law. The AG's Office said it often learns about data breaches through media reports.

    HealthEC is offering 12 months of credit monitoring and identity protection services through TransUnion. Information on how to enroll will be mailed directly to potentially impacted patients. For additional information, consumers can call 1-833-466-9216 toll-free.

    The data breach is the second one reported at Corewell Health in recent weeks. Last month, Corewell Health announced a breach at Welltok, Inc. a software company contractor that provides communications services. Approximately one million patients were impacted by this breach as well, the AG's Office said.

    Also, approximately 2.5 million McLaren Health Care patients were impacted by a ransomware attack earlier this year, and, in late August, the University of Michigan had a cyber attack compromising Social Security numbers, driver's license and other government-issued ID numbers, and medical records, the AG's Office said.

    ___

    (c)2023 The Oakland Press, Sterling Heights, Mich.

    Visit The Oakland Press, Sterling Heights, Mich. at https://www.theoaklandpress.com/

    Distributed by Tribune Content Agency, LLC.

    Courtesy of BigStock.com -- Copyright: Elnur
    The failures to follow best practices expand the organization’s attack surface and increases the chance of data breaches.