Michigan Medicine notifies nearly 57,000 patients after health data may have been exposed in cyberattack

(CBS-DETROIT) – Michigan Medicine notified approximately 56,953 people about a data breach that impacted employee email accounts and potentially exposed patient health information.

Officials said Monday that three Michigan Medicine employee email accounts were hacked on May 23 and 29 in a cyberattack unrelated to the recent CrowdStrike outage.

After the security vulnerability was discovered, the attacker’s IP address was blocked and password changes were made immediately.

While Michigan Medicine could not find any evidence that the goal of the cyberattack was to gain access to patient data, “data theft cannot be ruled out.”

For this reason, the contents of all affected emails were reviewed between June 10 and 27.

Officials found that some emails and attachments contained “identifiable patient and/or insurance carrier information,” including names, medical record numbers, addresses, dates of birth, diagnosis and treatment information, and/or health insurance information.

The emails containing this information were notices about payment and billing for patients. The emails did not contain credit card, debit card, or bank account numbers, but four patients were separately informed of their Social Security numbers.

“Michigan Medicine took immediate steps to investigate this case after being made aware of the possibility that patient data could be exposed. We continually monitor cyberattacks like this because patient privacy is so important to us,” said Jeanne Strickland, Michigan Medicine’s chief compliance officer. “We currently have several safeguards in place to reduce the risk to our patients and prevent a recurrence, but will thoroughly investigate this incident to determine if new or additional actions are necessary.”

Affected patients were notified by post starting July 19.

Anyone with questions or concerns can call the Michigan Medicine Assistance Line at 1-888-409-7484.

“Although Michigan Medicine has no reason to believe the accounts were compromised to obtain patient information, as a precautionary measure, all affected patients have been advised to monitor their health insurance statements for possible indications of fraudulent transactions,” Michigan Medicine said in a press release.