
Welltok Healthcare SaaS MOVEit Breach — 8.5 Million Patient Records

📅 2023-05-27 🏢 Welltok MOVEit Transfer / patient health engagement SaaS platform 🦠 Cl0p ransomware 🔎 CVE-2023-34362

Incident Details

Welltok, Inc., a healthcare SaaS company providing patient health engagement and communication services to major US health plans, was among the largest individual victims of the Cl0p MOVEit Transfer mass exploitation in May 2023. Welltok did not discover the breach until July 2023, and its investigation was not complete until November 2023. Welltok then notified 8.5 million individuals, all members of its health plan clients, that their data had been exposed, making it the largest single-organisation impact of the MOVEit campaign.

Affected health plans and employers whose members were exposed included Blue Shield of California, Blue Cross Blue Shield affiliates, Mass General Brigham, Stanford Health Care, Advocate Aurora Health, and many others. Exposed data included names, Social Security numbers, Medicare/Medicaid ID numbers, health insurance information, and dates of birth. Multiple HHS OCR breach notifications were filed by the affected health plans, and class-action lawsuits targeted both Welltok and the underlying health plan clients.

Welltok was one of several healthcare vendors hit in the MOVEit campaign; together these vendor compromises cascaded across the US health insurance system, illustrating how a single vendor serving multiple health plans multiplies the impact of one supply chain vulnerability.

Technical Details

Initial Attack Vector
The Cl0p ransomware group exploited CVE-2023-34362, a SQL injection zero-day in MOVEit Transfer, against Welltok's MOVEit Transfer server. Welltok used MOVEit Transfer to move patient data files on behalf of its healthcare clients, including major US health plans.
Vendor / Product
Welltok MOVEit Transfer / patient health engagement SaaS platform
Software Package
MOVEit Transfer
Malware Family
Cl0p ransomware
CVE / GHSA References
CVE-2023-34362
Supply Chain Attack
✅ Confirmed third-party / vendor compromise

Timeline

  1. 2023-05-27 Breach occurred
  2. 2023-11-02 Publicly disclosed
  3. 2023-11-02 Customers notified