Welltok Scam Data Breach Letter: Don’t Be A Victim!

ByWendy

Have you received a letter from Welltok notifying you of a data breach? Beware! Scammers are using the opportunity to send people fake data breach letter. The scam letter contains a link to a malicious website.

Is the Welltok letter you received scam or a legit one? Here’s all you need to know.

What is Welltok?

Welltok is a tech company that provides the platform and application various healthcare organizations (hospitals, pharmacies, clinics, etc) use to share information to their patients and to manage health wellness programs. Unfortunately, on May 31, 2023, they became a victim to data breach.

How Did The Data Breach Happen?

The data breach was as a result of a vulnerability in their file-transfer application, MOVEit. The MOVEit is a tool Welltok relies on to transfer data with its clients securely.  The information compromised in the data breach are;

  • Personal identification details like your name, date of birth, driver’s license number, state identification card number, and address.
  • Incredibly sensitive information such as Social Security numbers.
  • Protected health information is critical for safeguarding patient privacy.

How To Identify a Legit or Scam Weltok Data Breach Letter

The legit Weltok Data Breach letter contains a link to Weltok.com page. Which provides information about the data breach and steps to protect yourself. Like the Arietis Health scam letter, the Weltok scam letter, contains a link to a malicious website. The scam website asks for your personal information including birthdate, SSN, etc.

The scammers claim it is a free credit monitoring service. However, it isn’t. Weltok didn’t mention anything about the free credit monitoring service on their website.

The first question you need to ask yourself is this; why does this site need my personal info if they are indeed from Weltok? Shouldn’t they have already gotten it from Weltok?

 Your PII; birthdate, SSN and name is sensitive info that shouldn’t be shared without due dilligence and confirmation.

What To Do If You’re A Victim of Weltok Data Breach

Change Your Passwords

You need to change the password right now. Just do it. Change the password you use to access the health care facility affected. Don’t be part of the one in six Americans who blithely do nothing after a breach. Use a strong, unique password generated by your password manager.

Meanwhile, if you use same password on other sites, change the password too.

Closely Monitor your Credit/Debit Cards

Since there is a chance that your credit or debit card information was stolen, keep an eye on your bank statements for unauthorised activity.

Request for a Fraud Alert/ Credit Freeze on Your Account

If you notice any suspicious activity, immediately call your bank. Request for a fraud alert or credit freeze on your credit reports to prevent unauthorised access. It is free to place a freeze on your credit report .

Consider Identity Theft Protection

Identity Theft Protection you have access to a Certified Resolution Specialist that will help secure your information and work with you if your information becomes compromised by a data breach.

Report the Scam

Report the scam to relevant authorities and organizations. This includes:

  • Internet Crime Complaint Center (IC3): If you are in the United States, you can file a complaint with the IC3 at https://www.ic3.gov/.
  • Your Local Consumer Protection Agency: Contact your local consumer protection agency or the equivalent regulatory body in your country.
  • Better Business Bureau (BBB): File a complaint with the BBB if the online store is based in the United States.

Conclusion

Scammers are sending people Weltok scam data breach letter that contains a link to a malicious website. If you fall for this scam, your personal and financial information will be stolen and used to steal your money. Beware!

Wendy is a Cybersecurity Professional, who's passionate about protecting people and organizations from emerging threats. She's certified in the following; Google Cybersecurity Professional Certificate, Career Essentials in Cybersecurity by Linkedin and Microsoft, and Certified in Cybersecurity by ISC2.

In 2019, she left her role as a Threat Alert writer and founded SabiReviews. With more Cybersecurity certifications bagged, she knows her purpose; To educate the public about cybercrimes, to provide genuine reviews about services and products, and to stop cyber crimes.

Leave a Reply

Your email address will not be published. Required fields are marked *