Security News > 2023 > November > MOVEit victim count latest: 2.6K+ orgs hit, 77M+ people's data stolen

According to the UK's Times, the information posted "Is primarily limited to name and/or contact information, as well as information on the product you purchased from us. No banking details, credit card numbers or high-risk data such as login information or account details were taken."

The Virgin Pulse-owned company has sent notification letters to more than 1.6 million patients alerting them that their names, addresses, dates of birth, and health information may have been stolen by miscreants abusing MOVEit, according to a November 18 filing with the Maine Attorney General's office.

Sutter provides health care to more than three million people in northern California.

Welltok also provides patient data communications for Michigan's Corewell Health as well as its Priority Health lifestyle portal, and a ton of those patients also were hit by the MOVEit breach.

Corewell Health patients' may have had their names, dates of birth, email addresses, phone numbers, diagnosis, health insurance information and Social Security numbers exposed.

"The information accessed by the unknown actor may have included, depending on the individual, their name, address, date of birth, social security number, email address, phone number, patient identification number, health insurance information, provider's name, and medical treatment or diagnosis information," according to the Arkansas-based health care provider.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/11/20/moveit_victim_77m_medical/