MUSC Health Hospitals Caught in Westat Data Breach

Westat experienced a data breach through a vulnerability in the MOVEit software.

By HFT Staff

Westat provides research support and services pursuant to hospital and provider contracts with certain governmental agencies, including Medical University Hospital Authority’s MUSC Health hospitals. Westat Inc. is providing notice of a recent incident that may affect the privacy of some personal and/or medical information collected from Medical University Hospital Authority’s hospitals. Westat is unaware of any misuse of individual information and is providing this notice out of an abundance of caution. 

Westat utilized MOVEit Transfer third-party software to manage data it collected and/or maintained on behalf of other organizations. On May 30, 2023, Westat detected unusual activity occurring in its MOVEit instance. Westat immediately took steps to ensure the security of its environment. The following day, MOVEit announced a software vulnerability had affected many companies across various industries. With the assistance of third-party forensic specialists, Westat investigated to determine the nature and scope of the activity. 

The investigation determined that certain data stored on the MOVEit server may have been copied without authorization between May 28 and May 29. Westat conducted a detailed review of the data involved to determine the type of information that was present and to whom it was related. This review confirmed that certain information belonging to medical providers was present in the affected data and was accessed or acquired during the MOVEit incident. Upon completion of this analysis, Westat notified governmental agency partners and affected medical providers and is now providing notification to affected individuals at the direction of certain medical providers involved. 

The types of personal information that may have been copied by the unauthorized actor include patient demographics such as name, address, medical record number, provider name(s), dates of service and date of birth; insurance coverage details; and patient diagnosis codes related to patients’ hospital visits. 

October 19, 2023

Topic Area: Information Technology , Security

Recent Posts

The Advantages of Access Control Technology Over Traditional Formats

Access control manufacturers discuss the technology’s potential benefits.

Preparing for the Hazards of Winter Weather

Winter is here and healthcare facilities must be ready for inclement weather to prevent slips and falls.

The Leapfrog Group Announces 2023 Top Hospital and Top ASC Award Winners

132 hospitals earned the Top Hospital Award, and 27 ambulatory surgery centers earned the Top ASC Award.

Tampa General Hospital Completes Acquisition of Bravera Health

This acquisition will expand TGH’s capabilities and reach.

Protecting Healthcare Facility Workers During Winter Weather

As facility managers brace for colder weather, workplace safety must remain top of mind.


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Healthcare Facilities Today membership includes free email newsletters from our facility-industry brands.

Facebook   Twitter   LinkedIn   Posts

Copyright © 2023 TradePress. All rights reserved.