Skip to main content
Cloudy icon
32º

Michigan Medicine alerts nearly 58K patients of info breach

Some patient health info potentially exposed

University of Michigan's University Hospital is shown in Ann Arbor, Mich., Saturday, March 21, 2020. (Paul Sancya, The Associated Press 2020)

ANN ARBOR, Mich. – The University of Michigan health system says a cyberattack potentially exposed the health information of nearly 57,891 patients.

Michigan Medicine said an email account was compromised by a cyberattack when an employee accepted an unsolicited multifactor authentication prompt, which allowed the cyberattacker to access the employee’s email account and contents.

Recommended Videos



This cyberattack took place July 30 and is unrelated to Michigan Medicine’s cyberattack in May.

During its investigation, Michigan Medicine says it did not find any evidence to suggest that the aim of the attack was to obtain patient health information, but data theft could not be ruled out.

As a result, all the emails involved were presumed compromised and the contents were reviewed to determine if sensitive data about patients was potentially impacted. This analysis took place between Aug. 21, 2024, and Aug. 29, 2024.

Some emails and attachments were found to contain identifiable patient and/or insurance guarantor information, such as: names, medical record numbers, addresses, dates of birth, diagnostic and treatment information, and/or health insurance information. The emails were job-related communications for payment and billing coordination for Michigan Medicine patients. The information involved for each specific patient varied, depending on the particular email or attachment.

Michigan Medicine says as soon as they learned of the attack, the attacker’s IP address was blocked and passwords were changed.

Notices were mailed to the affected patients and/or guarantors or their personal representatives starting Sep. 26, 2024. Those concerned about the breach who do not receive a letter may call the toll-free Michigan Medicine Assistance Line: 1-877-225-2078. Calls will be answered Monday through Friday, 9 am to 9 pm (Eastern Time).

While Michigan Medicine does not have reason to believe the accounts were compromised for the purpose of obtaining patient information, as a precautionary measure, all affected patients have been advised to monitor their medical insurance statements for any potential evidence of fraudulent transactions.


About the Authors
Ken Haddad headshot

Ken Haddad has proudly been with WDIV/ClickOnDetroit since 2013. He also authors the Morning Report Newsletter and various other newsletters, and helps lead the WDIV Insider team. He's a big sports fan and is constantly sipping Lions Kool-Aid.

Dane Kelly headshot

Dane Kelly is an Oreo enthusiast and producer who has spent the last seven years covering Michigan news and stories.

Loading...