Email account compromises resulted in over 56,000 patients having their data exposed.
What happened
Recently, Michigan Medicine, operated by the University of Michigan and a research, education, and healthcare provider, faced a data breach.
The organization released a statement on July 22nd, explaining what caused the breach and how the university plans to respond. Through an internal investigation, Michigan Medicine discovered that three employee email accounts were compromised during a cyberattack between May 23rd and May 29th, 2024.
While the organization is unsure about the goal of the attack, it did assume some patient information may have been impacted. Michigan Medicine determined that emails may have included personal information such as names, medical record numbers, addresses, dates of birth, diagnostic and treatment information, and health information. Four patients' Social Security numbers were also impacted.
What’s next
Once Michigan Medicine learned about the attack, the organization immediately disabled access. They also blocked the attacker’s IP address and changed email passwords.
In response, Michigan Medicine says they are taking “swift action to ward off future cyberattacks that target employees.” They are working on strengthening their email security and providing additional education for staff on prevention strategies.
Jeane Strickland, Michigan Medicine’s Chief Compliance Officer, said “Michigan Medicine immediately took steps to investigate this matter, once alerted to the possibility of patient data being exposed. We constantly monitor for cyberattacks such as these because patient privacy is so extremely important to us.”
It is increasingly common for employee emails to be targeted by malicious actors, who will then either steal data or escalate access until data can be exfiltrated. While training and education are important to reduce these attacks, automating email security through encryption, spam filters, and phishing filters can significantly reduce the likelihood of human error leading to a data breach.
Michigan Medicine is aiming to improve its security systems. “We currently have multiple safeguards in place to reduce risk to our patients and prevent recurrrence but will examine this incident thoroughly to determine if new or additional measures are needed.”
Related: HIPAA Compliant Email: The Definitive Guide.
The big picture
As Michigan Medicine works to recover from the incident, they may face backlash from impacted patients. With increasing data breaches, it’s more common for victims to be impacted by multiple breaches, making fraud or identity theft more likely.
Abby Grifno
