Corewell Health Suffers SECOND Data Breach in 2023: 1 Million Patients Exposed

Corewell Health Suffers SECOND Data Breach in 2023: 1 Million Patients Exposed

Corewell Health faces a significant cybersecurity setback in 2023, marking its second data breach this year, affecting over 1 million patients, as disclosed by Michigan state officials.

On Tuesday, Michigan Attorney General Dana Nessel reported a breach at HealthEC, a vendor serving Corewell Health’s properties in southeast Michigan. This breach compromised patients’ personal and medical details. HealthEC’s services focus on identifying high-risk patients, closing care gaps, and recognizing barriers to optimal care.

The exposed information may include a range of sensitive details such as names, addresses, dates of birth, Social Security numbers, medical diagnoses, mental and physical conditions, health insurance information, treatment costs, and billing and claims information.

Affected patients were notified through letters mailed on Dec. 22, according to Nessel’s office, emphasizing the importance of swift and comprehensive protection for individuals affected by healthcare-related data breaches.

Michigan Attorney General Nessel remarked, “Health information is some of the most personal information we have. Michigan residents have been subjected to a surge of healthcare-related data breaches and deserve robust protection.”

Corewell Health took proactive steps by notifying the attorney general’s office before making a public announcement about the breach. Last month, the health system faced a similar challenge when vendor Welltok experienced a data breach impacting over 1 million patients.

For those affected, Nessel’s office recommends essential measures like changing passwords, reaching out to banks or credit unions, and potentially placing a fraud alert on credit files to prevent identity theft.

This incident is part of a broader trend of cyber attacks and data breaches impacting health systems across the U.S. In Oklahoma, Integris Health disclosed a data breach at the end of November, with an unauthorized party accessing patient records. The situation escalated when a group threatened to expose information on the dark web unless a payment was made.

Similarly, Capital Health in New Jersey faced network outages, suspecting a cybersecurity incident. Ardent Health Services, operating hospitals in New Jersey, diverted ambulances and canceled procedures due to a ransomware attack on Thanksgiving Day. These incidents highlight the growing challenges in securing healthcare data and the urgent need for comprehensive protection measures.

About Author

Emily Johnson

Meet Emily Johnson, a rising star in the world of news reporting. Armed with a Communications degree from Harvard University, Emily's writing is a perfect blend of creativity and fact-based journalism. She specializes in human-interest stories, bringing the personal touch that makes every story relatable. Whether it's heartwarming tales or societal issues, Emily is your guide to the trending news you won't want to miss.

Leave a Reply

Your email address will not be published. Required fields are marked *