The Michigan Attorney General announced that Corewell Health suffered a data breach affecting Michigan residents. 

The names, dates of birth, email addresses, phone numbers, medical diagnoses, health insurance information and Social Security numbers for about one million Corewell Health patients were compromised in the breach. In addition, the names, addresses and health insurance identification numbers of 2,500 users of the portal for Priority Health were also compromised, according to a statement from the health system earlier this month. In total, the breach affected nearly 8.5 people nationally.

The attack, which occurred on May 30, exploited software vulnerabilities on the MOVEit Transfer server owned by Virgin Pulse, Welltok's parent company.

Welltok has confirmed that those affected include people who have received health care or insurance provided by the following companies:

• Asuris Northwest Health 
• BridgeSpan Health
• Blue Cross and Blue Shield of Minnesota and Blue Plus
• Blue Cross and Blue Shield of Alabama
• Blue Cross and Blue Shield of Kansas
• Blue Cross and Blue Shield of North Carolina
• Faith Regional Health Services
• Hospital & Medical Foundation of Paris, Inc. dba Horizon Health
• Mass General Brigham Health Plan
• Regence BlueCross BlueShield of Oregon
• Regence BlueShield
• Regence BlueCross BlueShield of Utah
• Regence Blue Shield of Idaho
• St. Bernards Healthcare
• Sutter Health
• Trane Technologies Company LLC and/or group health plans sponsored by Trane Technologies Company LLC or Trane U.S. Inc.
• The group health plans of Stanford Health Care, of Stanford Health Care, Lucile Packard Children’s Hospital Stanford, Stanford Health Care Tri-Valley, Stanford Medicine Partners, and Packard Children’s Health Alliance