Compromised employee email account could have exposed health information of about 57,891 patients
9:00 AM
ANN ARBOR, Mich. — Michigan Medicine is notifying approximately 57,891 individuals about an employee email account that was compromised, potentially exposing some patient health information.
One Michigan Medicine employee email account was compromised due to a cyberattack. A Michigan Medicine employee accepted an unsolicited multifactor authentication prompt, which allowed the cyberattacker to access the employee’s email account and its contents. The event occurred on July 30, 2024. The account was disabled as soon as possible so no further access could take place.
During its investigation, Michigan Medicine did not find any evidence to suggest that the aim of the attack was to obtain patient health information, but data theft could not be ruled out. As a result, all the emails involved were presumed compromised and the contents were reviewed to determine if sensitive data about patients was potentially impacted. This analysis took place between August 21, 2024 and August 29, 2024.
Some emails and attachments were found to contain identifiable patient information, such as: names, medical record numbers, and diagnostic and/or treatment information. The emails were job-related communications for treatment and coordination for Michigan Medicine patients. The information involved for each specific patient varied, depending on the particular email or attachment.
As soon as Michigan Medicine learned that the email accounts were compromised, the cyberattacker’s IP address was blocked, and immediate password changes were made so no further access could take place. The email account did not contain any Social Security Numbers, credit card, debit card, or bank account numbers.
Michigan Medicine has used and continues to use robust training and education materials to increase employee awareness of the risks of cyberattacks. Additionally, Michigan Medicine is taking swift action to ward off future cyberattacks that target employees, including decreasing the time emails are retained, modifying our identity verification processes to access Michigan Medicine systems, and increasing education on the use of multifactor identification. The employee involved in this incident has also been subject to disciplinary action under Michigan Medicine policies and procedures.
Leaders at Michigan Medicine expressed regret that this incident has occurred. Michigan Medicine is also implementing more stringent technical safeguards on our email system and the infrastructure that supports it to prevent similar incidents from happening.
“We are constantly working to minimize the threat of patient data being exposed, and when incidents like this occur, we immediately take steps to investigate,” said Jeanne Strickland, Michigan Medicine chief compliance officer.
“Patient privacy is of the utmost importance. At Michigan Medicine, we continue to be vigilant as cyberattacks become more and more sophisticated. We will analyze this incident and review our safeguards and make changes if needed to protect those we care for.”
Notices were mailed to the affected patients or their personal representatives starting September 26, 2024. Those concerned about the breach who do not receive a letter may call the toll-free Michigan Medicine Assistance Line: 1-877-225-2078. Calls will be answered Monday through Friday, 9 a.m. to 9 p.m. (Eastern Time).
While Michigan Medicine does not have reason to believe the accounts were compromised for the purpose of obtaining patient information, as a precautionary measure, all affected patients have been advised to monitor their medical insurance statements for any potential evidence of fraudulent transactions. Information about potential identity theft is available from the Federal Trade Commission at www.identitytheft.gov/#/Warning-Signs-of-Identity-Theft.
About Michigan Medicine and University of Michigan Health
At Michigan Medicine, we advance health to serve Michigan and the world. We pursue excellence every day in our 11 hospitals and hundreds of clinics statewide, as well as educate the next generation of physicians, health professionals and scientists in our U-M Medical School.
Michigan Medicine includes U-M Medical School and University of Michigan Health, which includes the C.S. Mott Children’s Hospital, Von Voigtlander Women’s Hospital, University Hospital, the Frankel Cardiovascular Center, Kellogg Eye Center, University of Michigan Health-West, University of Michigan Health-Sparrow and the Rogel Cancer Center. The U-M Medical School is one of the nation's biomedical research powerhouses, with total research awards of more than $777 million.
More information is available at www.michiganmedicine.org
Department of Communication at Michigan Medicine