Healthcare software company Welltok is the latest major company to come forward about how it was affected by the MOVEit data breach.
This time, the records of 8.5 million individuals who used Welltok’s services were compromised. The breach is one of the largest reported incidents in the Department of Health and Human Services (HHS) in 2023.
“According to Welltok, it was notified by Progress Software on May 31, 2023, about a vulnerability in the platform and applied the patch and mitigations as recommended by Progress Software,” reads the HIPPA Journal.
Earlier this year, the file transfer service known as MOVEit was compromised by the Cl0p ransomware group. MOVEit was used by companies around the world, both large and small. Government agencies around the world also relied on MOVEit’s services.
At first, Welltok didn’t believe it was compromised by the breach. The data theft wasn’t confirmed until Aug. 26.
Due to the nature of the breach, various healthcare facilities came forward about their respective breaches, the total amount of victims equals 8.5 million.
Facilities that faced breaches include:
- St. Bernards Health.
- Corewell health.
- The Hospital & Medical Foundation of Paris, Inc.
- Mass General Brigham Health Plan.
- Faith Regional Health Services.
- The Guthrie Clinic.
- Blue Cross and Blue Shield of Minnesota and Blue Plus.
- Blue Cross and Blue Shield of Alabama
- Blue Cross and Blue Shield of Kansas
- Blue Cross and Blue Shield of North Carolina
- And more.
“This is yet another stark example of supply chain vulnerabilities being exploited by cybercriminals. For far too long companies who develop software platforms have seen cybersecurity as an expense versus functionality of doing business,” said Tom Kellerman SVP of Cyber Strategy at Contrast Security. “Greater due diligence is necessitated by Virgin Pulse per runtime security and vulnerability management.”
Once a vulnerability is known, it’s only a matter of time before criminals take advantage of it.
“IT teams have limited time before criminals take advantage of the vulnerability if they haven’t done so already,” says Dror Liwer, co-founder of cybersecurity company Coro.