LANSING, Mich. (WXYZ) — A second data breach has exposed the information of more than 1 million Corewell Health patients in Michigan.
Michigan Attorney General Dana Nessel confirmed a breach at HealthEC, a vendor that provides services to Corewell's Southeast Michigan properties.
Impacted data can included names, addresses, social security numbers, billing information and other personal information. Notice letters were mailed to those impacted on Dec. 22.
“Health information is some of the most personal information we have,” Nessel said in a statement. “Michigan residents have been subjected to a surge of healthcare-related data breaches and deserve robust protection. It is critical that the Michigan legislature join the many other states that require companies who experience a data breach to immediately inform the Department of Attorney General.”
Last month, Corewell announced a data breach at Welltok, a company that provides communications services. That breach also impacted 1 million patients.
Some patients at Beaumont ACO were also impacted.
“Some Corewell patients may receive two letters due to the impact of this breach, which may cause confusion,” Nessel said. “Irrespective of how or when you’ve been impacted by a security breach, my Department stands ready to help Michigan residents protect their identities and personal information.”
Credit monitoring and identity protection services are being offered to people impacted. You can find more information on Health EC’s website or by calling 1-833-466-9216.
