DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Michigan Medicine notifies patients of health information breach

Posted on August 16, 2019 by Dissent

From Michigan Medicine, Aug. 16 –

ANN ARBOR, Mich. — Michigan Medicine is notifying approximately 5,500 patients about a phishing email campaign that may have exposed some of their health information.

During the campaign, emails containing a malicious link were sent to over 3,200 Michigan Medicine employees. If the link was clicked, employees were directed to a webpage that looked like a legitimate site requesting the username and password for their email account.

In July 2019, three employees clicked into this email, resulting in the perpetrator gaining access to the employees’ email accounts. The accounts were then used to continue to send additional phishing emails. Michigan Medicine discovered the compromised accounts on July 9 and July 12.

As soon as Michigan Medicine learned that the email accounts were compromised, they were disabled so no further access could take place until the passwords were changed.

Additionally, the malicious emails were deleted from all employees’ email accounts, and any employees identified as having received the malicious email were subject to mandatory password resets.

Through the investigation of the incident, no evidence was uncovered to suggest that the aim of the attack was to obtain patient health information.

However, data theft could not be ruled out. As a result, all of the emails of the employees involved were presumed compromised and the contents of the email accounts were analyzed. Two of the three employees’ compromised email accounts included emails that contained identifiable patient information. These accounts were compromised on July 8 and 12.

The identifiable information in those emails included a combination of one or more of the following: names, medical record numbers, addresses, dates of birth, diagnostic and treatment information, and health insurance information. A small subset of the emails also included Social Security numbers.

“Patient privacy is extremely important to us, and we take this matter very seriously. Michigan Medicine took steps immediately to investigate this matter and is implementing additional safeguards to reduce risk to our patients and help prevent recurrence,” said Jeanne Strickland, Michigan Medicine chief compliance officer.

Notices were mailed to the affected patients or their personal representatives.

Those concerned about the breach that do not receive a letter may call toll-free 855-336-5900, Monday through Friday, from 8 a.m. to 5 p.m.

While Michigan Medicine does not have reason to believe the accounts were compromised for the purpose of obtaining patient information, as a precautionary measure, all affected patients have been advised to monitor their medical insurance statements for any potential evidence of fraudulent transactions. Additionally, complimentary credit monitoring and identity theft protection services have been offered to all patients whose health insurance information or Social Security number was involved.

In response to this event, Michigan Medicine is implementing additional technical safeguards to prevent similar future incidents. Additional training and education materials have also been implemented to increase employee awareness on the risks and proper handling of malicious emails.

Source: Michigan Medicine

Category: Health DataPhishingU.S.

Post navigation

← IA: Virginia Gay Hospital notifies patients after discovering compromised employee email account
CA: Malware attack targets San Dieguito Union High School District →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Central Maine Healthcare tackles suspected cybersecurity issue; hospitals remain open
  • Cartier Data Breach: Luxury Retailer Warns Customers that Personal Data Was Exposed
  • Beyond the Pond Phish: Unraveling Lazarus Group’s Evolving Tactics
  • Akira doesn’t keep its promises to victims — SuspectFile
  • Fraudsters, murderers, students: who the GRU assembled a team of hacker provocateurs from and why it failed
  • Order of Psychologists of Lombardy fined 30,000 € for inadequate data security protection and detection following ransomware attack
  • Lower Merion School District says a data breach was caused by a computer glitch (1)
  • After $1 Million Ransom Demand, Virgin Islands Lottery Restores Operations Without Paying Hackers
  • Junior Defence Contractor Arrested For Leaking Indian Naval Secrets To Suspected Pakistani Spies
  • Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Stewart Baker vs. Orin Kerr on “The Digital Fourth Amendment”
  • Fears Grow Over ICE’s Reach Into Schools
  • Resource: HoganLovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
  • She Got an Abortion. So A Texas Cop Used 83,000 Cameras to Track Her Down.
  • Why AI May Be Listening In on Your Next Doctor’s Appointment
  • Watch out for activist judges trying to deprive us of our rights to safe reproductive healthcare
  • Nebraska Bans Minor Social Media Accounts Without Parental Consent

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.