{
	"id": "9c00f185-cf8b-4977-8bc8-e22ea87e5e43",
	"created_at": "2026-04-06T00:08:23.183146Z",
	"updated_at": "2026-04-10T03:21:09.874794Z",
	"deleted_at": null,
	"sha1_hash": "d71bc40fa32703fb22d63efec01761597011fd0f",
	"title": "Welltok data breach exposes data of 8.5 million US patients",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 2055667,
	"plain_text": "Welltok data breach exposes data of 8.5 million US patients\r\nBy Bill Toulas\r\nPublished: 2023-11-22 · Archived: 2026-04-05 15:54:37 UTC\r\nHealthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in\r\nthe U.S. after a file transfer program used by the company was hacked in a data theft attack.\r\nWelltok works with health service providers across the U.S., maintaining online wellness programs, holding databases with\r\npersonal patient data, generating predictive analytics, and supporting healthcare needs like medication adherence and\r\npandemic response.\r\nEarlier this year, the Clop ransomware gang exploited a zero-day vulnerability in the MOVEit software to breach thousands\r\nof organizations worldwide, following up with extortion demands and data leaks impacting over 77 million people.\r\nhttps://www.bleepingcomputer.com/news/security/welltok-data-breach-exposes-data-of-85-million-us-patients/\r\nPage 1 of 4\n\n0:00\r\nhttps://www.bleepingcomputer.com/news/security/welltok-data-breach-exposes-data-of-85-million-us-patients/\r\nPage 2 of 4\n\nVisit Advertiser websiteGO TO PAGE\r\nWelltok published a notice of a data incident in late October, warning that its MOVEit Transfer server was breached on July\r\n26, 2023. This occurred despite applying the security updates as soon as those were made available by the vendor.\r\nPatient data was exposed during the breach, including full names, email addresses, physical addresses, and telephone\r\nnumbers. For some, it also includes Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain Health\r\nInsurance information.\r\nThe impact of the breach impacted institutions in various states, including Minnesota, Alabama, Kansas, North Carolina,\r\nMichigan, Nebraska, Illinois, and Massachusetts, with the following healthcare providers said to be impacted:\r\nBlue Cross and Blue Shield of Minnesota and Blue Plus\r\nBlue Cross and Blue Shield of Alabama\r\nBlue Cross and Blue Shield of Kansas\r\nBlue Cross and Blue Shield of North Carolina\r\nCorewell Health\r\nFaith Regional Health Services\r\nHospital \u0026 Medical Foundation of Paris, Inc. dba Horizon Health\r\nMass General Brigham Health Plan\r\nPriority Health\r\nSt. Bernards Healthcare\r\nSutter Health\r\nTrane Technologies Company LLC and/or group health plans sponsored by Trane Technologies Company LLC or\r\nTrane U.S. Inc.\r\nThe group health plans of Stanford Health Care, of Stanford Health Care, Lucile Packard Children’s Hospital\r\nStanford, Stanford Health Care Tri-Valley, Stanford Medicine Partners, and Packard Children’s Health Alliance\r\nThe Guthrie Clinic\r\nInitial estimates about the number of impacted individuals varied as Welltok didn’t immediately disclose this information.\r\nHowever, earlier today, the firm reported on the U.S. Department of Health and Human Services breach portal that the data\r\nbreach has been confirmed to impact 8,493,379 people.\r\nThis figure places the Welltok breach as the second largest MOVEit data breach after services contractor Maximus, whose\r\ndata breach affected 11 million people.\r\nhttps://www.bleepingcomputer.com/news/security/welltok-data-breach-exposes-data-of-85-million-us-patients/\r\nPage 3 of 4\n\nAutomated Pentesting Covers Only 1 of 6 Surfaces.\r\nAutomated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the\r\nother.\r\nThis whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic\r\nquestions for any tool evaluation.\r\nSource: https://www.bleepingcomputer.com/news/security/welltok-data-breach-exposes-data-of-85-million-us-patients/\r\nhttps://www.bleepingcomputer.com/news/security/welltok-data-breach-exposes-data-of-85-million-us-patients/\r\nPage 4 of 4",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"references": [
		"https://www.bleepingcomputer.com/news/security/welltok-data-breach-exposes-data-of-85-million-us-patients/"
	],
	"report_names": [
		"welltok-data-breach-exposes-data-of-85-million-us-patients"
	],
	"threat_actors": [],
	"ts_created_at": 1775434103,
	"ts_updated_at": 1775791269,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/d71bc40fa32703fb22d63efec01761597011fd0f.pdf",
		"text": "https://archive.orkl.eu/d71bc40fa32703fb22d63efec01761597011fd0f.txt",
		"img": "https://archive.orkl.eu/d71bc40fa32703fb22d63efec01761597011fd0f.jpg"
	}
}