Home Breaking News CHI St. Vincent patients notified of cyber ‘event’ involving personal data

CHI St. Vincent patients notified of cyber ‘event’ involving personal data


OptumRx, Inc. has reported a vendor privacy incident involving the personal information of certain Arkansas residents, according to a company press release.

On August 11, Welltok, Inc., which provides a variety of wellness-related communication services on behalf of OptumRx through mail, text messaging and outbound phone calls, discovered it had been affected by the MOVEit Transfer software vulnerability earlier this year.

Welltok is employed by CHI St. Vincent hospitals and clinics and patients were notified by mail earlier this month “an event that may affect the security of your personal information.”

Welltok investigated the incident with the assistance of a third-party cybersecurity vendor and determined an unknown actor exploited the software vulnerability, accessed Welltok’s MOVEit Transfer server from May 30-May 31, 2023, and obtained certain data during that time.

On Nov. 6, based on information provided by Welltok, OptumRx determined some of its patients’ information was compromised because of this incident. The information involved could include names, dates of birth, gender, telephone numbers, mailing addresses, email addresses, unique identifiers, and prescription information. It was noted that no Social Security numbers, driver’s license numbers or financial account information was involved. Welltok began notifying individuals via mail on Dec. 22.

While this incident did not impact any OptumRx systems, the company takes this matter seriously and is committed to protecting the privacy and security of its patients’ personal information. While there is no evidence any information has been misused, the company recommend individuals regularly monitor their health insurance and other statements for any unfamiliar activity, according to the release.

Welltok is providing two-years of complimentary credit monitoring and identity protection services through Experian to people affected by this incident. Individuals should report any suspicious activity to their health plan or other relevant institution. Additionally, a dedicated tollfree hotline has been established to help answer any questions and can be reached at 1-800-628- 2141, between 6 a.m. and 8 p.m. PST, and Saturday and Sunday 8 a.m. to 5 p.m. PST.

Previous articleARKANSAS DOT: Left lane for passing only
Next articleJunior Auxiliary gets recognition, grant for ‘Story Walk’ project