Corewell Health A.I CyberSecurity Scoring
Corewell Health
Company Information
Website:http://corewellhealth.org
Employees number:41,961
Number of followers:66,399
NAICS:62
Industry Type:Hospitals and Health Care
Homepage:corewellhealth.org
Corewell Health Risk Score (AI oriented)
Between 0 and 549
Corewell HealthHospitals and Health Care
Updated:
01/04/2026
01/04/2026
513/1000
Critical
C
Corewell Health Global Score (TPRM)
xxxx
Corewell HealthHospitals and Health Care
Score locked

Corewell HealthCritical
Current Score
513C (CRITICAL)
01000
5 incidents
-81 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
529
JUNE 2026
528
MAY 2026
519
APRIL 2026
516
MARCH 2026
572
Breach
27 Mar 2026 • Corewell Health
Corewell Health and Pinnacle Holdings LTD: Thousands of Corewell Health patients affected by security breach
Corewell Health Data Breach Exposes Personal Information of 19,000 Patients
512
CRITICAL-60
OLECOR1774664850
Corewell Health Data Breach Exposes Personal Information of 19,000 Patients
Corewell Health disclosed a 2024 security breach affecting approximately 19,000 patients, following a notification from Pinnacle Holdings LTD, a Colorado-based vendor that previously provided healthcare consulting services. The compromised data includes sensitive personal and medical information, such as names, addresses, Social Security numbers, driver’s license details, dates of birth, medical diagnoses, prescription records, treatment information, and in some cases, biometric data and digital signatures.
Corewell Health completed a review to identify impacted individuals and confirmed that Pinnacle has mailed notification letters to those affected. While no fraudulent activity has been reported, the breach was reported to law enforcement, and the responsible party remains unidentified. Pinnacle has implemented additional security measures and is offering free credit monitoring and identity protection services to affected individuals.
This incident follows two major breaches in late 2023, where cyberattacks on Corewell’s vendors Welltok, Inc. and HealthEC LLC exposed the data of over 1 million patients each. The repeated breaches highlight ongoing vulnerabilities in third-party vendor security within the healthcare sector.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
FEBRUARY 2026
569
JANUARY 2026
565
DECEMBER 2025
561
NOVEMBER 2025
557
OCTOBER 2025
552
SEPTEMBER 2025
548
AUGUST 2025
543
JULY 2025
640
Breach
28 Jul 2025 • Corewell Health
Corewell Health and HealthEC LLC: HealthEC $5.48M Data Breach Class Action Settlement
HealthEC Data Breach Settlement Approved: $5.48M Fund for Affected Patients
538
CRITICAL-102
HEACOR1774651954
HealthEC Data Breach Settlement Approved: $5.48M Fund for Affected Patients
On January 20, 2026, a U.S. court granted final approval to a $5.48 million class action settlement resolving claims against HealthEC LLC and four affiliated healthcare organizations Community Health Care Systems Inc., Corewell Health, MD Valuecare LLC, and Oakwood Accountable Care Organization LLC. The settlement stems from a December 2023 data breach that exposed the personal and protected health information of approximately 1.52 million individuals.
Eligibility and Compensation
Patients whose data was compromised in the breach may qualify for financial compensation or credit monitoring, provided they received a settlement notice by email or mail. The class includes all affected individuals, regardless of whether they experienced identity theft or fraud, with a separate subclass for California residents as of July 14, 2023.
Compensation options include:
- Reimbursement for out-of-pocket losses (e.g., fraud-related expenses, credit freeze costs, or credit monitoring purchases).
- Lost time compensation (up to 10 hours at $25/hour for those with qualifying losses, or up to 4 hours for those without).
- Alternative cash payments ($25 for non-California residents, $50 for California residents).
- Three years of free Medical Shield Complete, a service offering dark web monitoring, credit monitoring, and $1 million in identity theft insurance.
If total claims exceed the settlement fund, payments will be reduced proportionally. Conversely, leftover funds may increase payouts.
Claim Process and Deadlines
Eligible individuals can file claims online or by mail, with documentation required for out-of-pocket loss and lost time claims. The deadline to submit claims, request exclusions, or object to the settlement is November 18, 2025. Payments will be distributed after final approval and resolution of any appeals, with the first disbursements issued on March 24, 2026.
Settlement Fund Allocation
The $5.48 million fund covers:
- $333,250 for settlement administration costs.
- Up to $1.86 million in attorneys’ fees.
- Undetermined amounts for attorneys’ expenses and Medical Shield Complete services.
- Up to $2,500 each for class representatives.
- The remaining balance for eligible claimants.
Background
The lawsuit alleged that HealthEC and its co-defendants failed to adequately protect sensitive patient data, leading to the breach. While the defendants denied wrongdoing, they agreed to settle to avoid prolonged litigation. The incident underscores ongoing vulnerabilities in healthcare data security.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
NOVEMBER 2024
677
Breach
25 Nov 2024 • Corewell Health
Corewell Health, Pinnacle Holdings and LTD: Thousands of Corewell Health patients impacted by 2024 data breach
Corewell Health Data Breach Exposes Personal and Medical Data of 19,000 Patients
616
CRITICAL-61
PINCOR1774758354
Corewell Health Data Breach Exposes Personal and Medical Data of 19,000 Patients
A data breach at Pinnacle Holdings, LTD a former healthcare consulting provider for Michigan-based Corewell Health has compromised the sensitive information of approximately 19,000 Corewell Health patients. The incident occurred on November 25, 2024, when Pinnacle Holdings detected a "network disruption" affecting certain systems.
During its investigation, the Colorado-based firm determined that an unauthorized individual may have accessed patient data. Corewell Health was notified of the breach in early 2024 and promptly launched a review to identify affected individuals. Exposed information includes names, phone numbers, Social Security numbers, driver’s license numbers, dates of birth, health insurance details, prescription information, and service dates.
Pinnacle Holdings stated it has since implemented additional safeguards to prevent future incidents and has begun notifying impacted individuals. As part of the response, affected patients are being offered free credit monitoring and identity protection services. The firm reported no evidence of fraudulent activity resulting from the breach.
Individuals seeking more information can contact Pinnacle Holdings at 866-686-2607.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
JANUARY 2024
713
Breach
01 Jan 2024 • Corewell Health
Corewell Health and Pinnacle Holdings: Thousands of Corewell Health patients affected by 2024 vendor data breach
Corewell Health Data Breach Exposes Thousands of Patients’ Sensitive Information
652
CRITICAL-61
OLECOR1774672026
Corewell Health Data Breach Exposes Thousands of Patients’ Sensitive Information
In early 2024, Corewell Health disclosed a data breach affecting approximately 19,000 patients, stemming from a security incident at its former vendor, Pinnacle Holdings. The consulting firm, which previously provided healthcare services to Corewell, experienced the breach, compromising a range of sensitive data.
The exposed information included names, contact details, Social Security numbers, medical records, and insurance information. While Pinnacle Holdings stated it had implemented additional safeguards and found no evidence of fraudulent activity, Corewell Health conducted a review to identify impacted individuals.
Affected patients were notified by mail and offered free credit monitoring and identity protection services. Additional support is available through a dedicated call center at 866-686-2607 and on Pinnacle Holdings’ website. The incident highlights ongoing risks in third-party vendor security within the healthcare sector.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
NOVEMBER 2023
789
Breach
01 Nov 2023 • Corewell Health
Corewell Health
Welltok Data Breach
710
CRITICAL-79
COR358271123
The U.S. healthcare services business Welltok revealed a data breach that affected around 8.5 million patients.
The business was one among the targets of a widespread hacking campaign that took advantage of a zero-day vulnerability in the MOVEit Transfer programme.
The exposed information includes patient information, including phone numbers, physical addresses, email addresses, and full names. Threat actors also obtained specific health insurance details, Medicare/Medicaid ID numbers, and Social Security numbers (SSNs) for some of the affected individuals.
The following organisations, on behalf of which Welltok is delivering notice to affected individuals, are Asuris Northwest Health, BridgeSpan Health, Blue Cross and Blue Shield of Minnesota, Blue Cross and Blue Shield of Alabama, Blue Cross and Blue Shield of Kansas, Blue Cross and Blue Shield of North Carolina, Corewell Health, Faith Regional Health Services, Mass General, Brigham Health Plan, Priority Health, Regence BlueCross BlueShield of Oregon, Regence BlueShield, Regence BlueCross BlueShield of Utah, Regence Blue Shield of Idaho, St. Bernards Healthcare, and Sutter Health.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for Corewell Health ??
What was Corewell Health's A.I Rankiteo Cyber Score in June 2026 ??
What was Corewell Health's A.I Rankiteo Cyber Score in May 2026 ??
What was Corewell Health's A.I Rankiteo Cyber Score in April 2026 ??
What was Corewell Health's A.I Rankiteo Cyber Score in March 2026 ??
What was Corewell Health's A.I Rankiteo Cyber Score in February 2026 ??
What was Corewell Health's A.I Rankiteo Cyber Score in January 2026 ??
What was Corewell Health's A.I Rankiteo Cyber Score in December 2025 ??
What was Corewell Health's A.I Rankiteo Cyber Score in November 2025 ??
What was Corewell Health's A.I Rankiteo Cyber Score in October 2025 ??
What was Corewell Health's A.I Rankiteo Cyber Score in September 2025 ??
What was Corewell Health's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on Corewell Health's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with Corewell Health ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view Corewell Health's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?