This post may contain affiliate links, please read our affiliate disclosure to learn more.
Health data breach

HealthEC Data Breach Impacted 4.5 Million Patients

 By Nataly Vovk | Threat Intelligence Analyst
 Published on January 3rd, 2024
This post was updated on January 4th, 2024

In July 2023, HealthEC LLC, a key player in health management solutions, experienced a significant data breach impacting roughly 4.5 million individuals. The breach happened between July 14 and July 23 and exposed a vast array of sensitive data.

Compromised information included personal identifiers like names and Social Security Numbers (SSNs), as well as detailed medical records, diagnoses, and insurance information. The breach affected several healthcare providers and state health systems, notably including Corewell Health and the State of Tennessee’s Division of TennCare.

NordVPN 67% off + 3-month VPN coupon

Stay One Step Ahead of Cyber Threats

Want to Be the Smartest Guy in the Room? Get the Latest Cybersecurity News and Insights.
We respect your privacy and you can unsubscribe anytime.

Responding to the crisis, HealthEC notified clients and affected individuals on October 26, with formal notifications sent out starting December 22, 2023. They reported the breach to the Department of Health and Human Services’ Office for Civil Rights in line with regulatory requirements.

To mitigate the damage and prevent future incidents, HealthEC enhanced its security measures and offered complimentary credit monitoring to those impacted. The company also advised individuals to monitor their credit reports and account statements closely for signs of identity theft or fraud.

The Michigan Attorney General, among others, has called for stricter legislation mandating prompt notifications in the event of data breaches.

"Amateurs hack systems, professionals hack people."
-- Bruce Schneier, a renown computer security professional
Scroll to Top