Premier Health patients impacted by MOVEit related incident at Welltok
Learn More
Premier Health reports that a cybersecurity incident at Welltok, Inc. - a communications software firm - potentially compromised the personal details of patients. Premier Health operates a healthcare network that includes three hospitals and two major health centers in the Dayton area.
Welltok, which develops software enabling health care institutions to communicate with patients, informed recipients via letters dated November 17 about the data breach that occurred on May 30 earlier this year and is caused by a vullnerability in their MOVEit Transfer server. In August, it was confirmed that an unidentified entity had exploited software vulnerabilities to gain access to the MOVEit Transfer service, which is used for cloud services like data storage.
The compromised information varies per individual and include:
- Social Security Numbers,
- Medicare/Medicaid ID Numbers,
- specific health insurance details were expose.
- name of a health provider
- prescription details,
- treatment codes
Premier Health was apprised of the extent of data stored on the compromised server by October 23. Since then, Welltok has been collaborating with the health system to inform those affected. The number of affected patients at Premier has not been disclosed.
While there's no indication that any Premier Health patient data has been inappropriately used, Welltok is offering a 12-month credit monitoring service to potentially affected individuals, who must enroll by the end of February. Welltok started sending notifications to affected individuals on behalf of various health care organizations after completing their investigation.
Update - as of 4th of September 2025, Premier Health reports they have conclude the investigation into the breach. The incident affected 10,833 individuals.
