Welltok Data Breach Affects 8.5 Million Patients: A Result of MOVEit Transfer Software Vulnerability

November 23, 2023

Welltok, a company offering health optimization solutions, has disclosed a data breach that has affected approximately 8.5 million patients in the U.S. The company's MOVEit Transfer server was compromised by hackers on July 26, 2023.

"On July 26, 2023, Welltok was alerted to an earlier alleged compromise of our MOVEit Transfer server in connection with software vulnerabilities made public by the developer of the MOVEit Transfer tool. Welltok had previously installed all published patches and security upgrades immediately upon such patches being made available by Progress Software, the developer of the MOVEit Transfer tool." stated the company in a notice.

The investigation, which involved a complete reconstruction of systems and historical data, confirmed on August 11, 2023, that an unauthorized actor had exploited software vulnerabilities and had accessed the MOVEit Transfer server on May 30, 2023. The perpetrator exfiltrated certain data during that time.

The breach was part of a larger hacking campaign that exploited a zero-day vulnerability in the MOVEit Transfer software. The threat actors accessed patient data including full names, email addresses, physical addresses, and telephone numbers. In some cases, they also obtained Social Security Numbers (SSNs), Medicare/Medicaid ID numbers, and certain health insurance information. Despite the breach, Welltok stated that there's no evidence of misuse of the patients' information.

The Cl0p ransomware group was identified as the perpetrator of the large-scale hacking campaign targeting the MOVEit Transfer platform. The group exploited the zero-day vulnerability CVE-2023-34362 to hack platforms worldwide and steal data. According to cybersecurity firm Emsisoft, the attacks have impacted about 1,000 organizations and over 60 million individuals.

The majority of the victims were U.S.-based organizations (83.9%), followed by Germany (3.6%), Canada (2.6%), and the U.K. (2.1%). The finance, professional services, and education sectors were the most affected, accounting for 24.3% and 26.0% of incidents respectively. The Welltok data breach was one of the most significant in the MOVEit data breaches, ranking third in the number of affected individuals.

Related News

Latest News

Like what you see?

Get a digest of headlines, vulnerabilities, risk context, and more delivered to your inbox.

Subscribe Below

By submitting this form, you’re giving us permission to email you. You may unsubscribe at any time.

Accelerate Security Teams

Continuously identify and prioritize the risks that are most critical in your environment, and validate that your remediation efforts are reducing risk. An always-on single source-of-truth of your assets, services, and vulnerabilities.