ANN ARBOR, Mich. – The University of Michigan health system says a cyberattack potentially exposed the health information of nearly 57,891 patients.
Michigan Medicine said an email account was compromised by a cyberattack when an employee accepted an unsolicited multifactor authentication prompt, which allowed the cyberattacker to access the employee’s email account and contents.
Recommended Videos
This cyberattack took place July 30 and is unrelated to Michigan Medicine’s cyberattack in May.
During its investigation, Michigan Medicine says it did not find any evidence to suggest that the aim of the attack was to obtain patient health information, but data theft could not be ruled out.
As a result, all the emails involved were presumed compromised and the contents were reviewed to determine if sensitive data about patients was potentially impacted. This analysis took place between Aug. 21, 2024, and Aug. 29, 2024.
Some emails and attachments were found to contain identifiable patient and/or insurance guarantor information, such as: names, medical record numbers, addresses, dates of birth, diagnostic and treatment information, and/or health insurance information. The emails were job-related communications for payment and billing coordination for Michigan Medicine patients. The information involved for each specific patient varied, depending on the particular email or attachment.
Michigan Medicine says as soon as they learned of the attack, the attacker’s IP address was blocked and passwords were changed.
Notices were mailed to the affected patients and/or guarantors or their personal representatives starting Sep. 26, 2024. Those concerned about the breach who do not receive a letter may call the toll-free Michigan Medicine Assistance Line: 1-877-225-2078. Calls will be answered Monday through Friday, 9 am to 9 pm (Eastern Time).
While Michigan Medicine does not have reason to believe the accounts were compromised for the purpose of obtaining patient information, as a precautionary measure, all affected patients have been advised to monitor their medical insurance statements for any potential evidence of fraudulent transactions.