HealthEC Data Breach Investigation | Corewell Health
The Lyon Firm is investigating data breach claims impacting more than one million Corewell Health, Beaumont ACO or MD Valuecare patients. The breach allegedly stems from an attack on HealthEC, a third party that provides Corewell Health with a population health management platform used to identify high-risk patients.
What Happened at HealthEC?
The Michigan Attorney General’s Office has announced that the protected health information of as many as a million patients had been compromised in a cyberattack on HealthEC.
The company explains in data breach notification letters that suspicious activity was identified within its network between July 14, 2023, and July 23, 2023. Files containing protected health information were allegedly removed from its systems during this time frame.
According to HealthEC, the following types of personal information were compromised: names, addresses, dates of birth, Social Security numbers, medical record numbers, diagnoses and diagnosis codes, mental/physical condition, prescription information, providers’ names, beneficiary numbers, subscriber numbers, Medicaid/Medicare identification numbers, patient account numbers, patient identification numbers, and treatment cost information.
Another HealthEC client known to have been impacted by the attack is Beaumont ACO in Michigan. Individuals may receive notification letters related to this incident from both providers if they have received services from both Corewell Health and Beaumont ACO.
The unauthorized party also copied confidential information belonging to MD Valuecare customers, including their names, dates of birth, medical information, and health insurance information.
If you receive a data breach notification from Corewell, HealthEC or MD Valuecare, it is important to understand the risks of medical identity theft and fraud. A data breach lawyer can help you learn more about how to protect yourself and take the next steps toward filing a class action claim.