They don’t call Stephen King the King of Horror for nothing, with 65 published books, 60 films and 50 TV shows under his belt. All in the horror fiction genre. King states that “to watch the insanity and depravity allows us to release our inner insanity, which in turn, keeps us sane.” More than ever, we need our sanity! He should consider next writing about the horror of fraud, using Corewell Health of Michigan as the setting in the story line.
Corewell Health is a not-for-profit health system that provides health care and services in twenty two hospitals, with more than three hundred outpatient locations and several post-acute facilities. On December 26, 2023, Michigan Attorney General Dana Nessel announced that between July 14 and July 23, 2023, there was a data breach at HealthEC, a vendor that provides services to high-risk patients for Corewell Health. Files of “protected” personal identifying information and health records of more than one million were compromised. Names, addresses, dates of birth, Social Security numbers, medical record numbers, diagnoses and diagnosis codes, mental/physical condition, prescription information, providers’ names, beneficiary numbers, subscriber numbers, Medicaid/Medicare identification numbers, patient account numbers, patient identification numbers, and treatment cost information. Good by patient identities. Hello fraud.
The real horror is that this is the second major data breach to affect Corewell Health patients this year. In November, Welltok Inc., a communication services vendor for Corewell Health, also notifed one million Corewell Health patients that their “protected” health information had been stolen in the now famous Progress Software’s MOVEit cyberattack. Two separate incidents, conducted by unrelated fraudsters on the same database. That is a horror movie.
Stephen King is quoted as saying, “Fool me once, shame on you. Fool me twice, shame on me. Fool me three times, shame on both of us.” Hopefully there isn’t a third time for Corewell Health Patients.
Today’s Fraud of The Day is based on article “Michigan health system reports 2nd data breach, affecting more than 1M patients” published by ABC News on December 27, 2023
A health system in Michigan has experienced its second cybersecurity breach this year, affecting more than 1 million patients, according to state officials. Michigan Attorney General Dana Nessel announced Tuesday there was a breach at HealthEC, a vendor that provides services to Corewell Health’s southeast Michigan properties. The breach exposed patients’ personal and medical information.
HealthEC services is helping to “identify high-risk patients, close gaps in care and recognize barriers to optimal care,” according to a release.