95.3 / 88.5 FM Grand Rapids and 95.3 FM Muskegon
Play Live Radio
Next Up:
0:00 0:00
Available On Air Stations

Second data breach affects one million Corewell Health patients

Corewell Health

HealthEC, a vendor hired by Corewell Health, has been the victim of a data breach.

In November, Corewell Health announced a data breach at Welltok, Inc., a software company contracted by Corewell to provide communication services. That breach impacted one million patients.

Late last week, Corewell announced a second data breach from another vendor, HealthEC, a population health management platform, exposing the info of more than one million Michigan residents. Notice letters were sent out to impacted persons by HealthEC on December 22. While not all residents have the same impacted data, it can include social security numbers, billing information and medical diagnoses.

Corewell is not the only Michigan-based healthcare provider experiencing data breaches. Earlier this year, McLaren Health Care notified residents of a ransomware attack affecting 2.5 million patients, and in August, University of Michigan dealt with its own cyberattack.

In a statement to WGVU, Corewell Health said, quote:

“The privacy of our patients is a top concern. We recently learned our vendor, HealthEC, LLC, was affected by a cyberattack that involved more than 15 organizations earlier this year. HealthEC is communicating directly with individuals whose data was affected by the attack, and credit monitoring is available to all impacted people.” End quote.

Dave joined WGVU Public Media in November of 2023 after eighteen years as a Michigan Association of Broadcasters Emmy-nominated photojournalist and editor at Grand Rapids' WOOD TV8 and three years at WEYI TV25 in Flint, Michigan. As a General Assignment Reporter, Dave covers daily news and community events all over West Michigan.
Related Content