(WWJ) Approximately 57,891 University of Michigan Health System patients could have had their information exposed in a recent cyberattack.
It happened on July 30, according to Michigan Medicine, when an employee accepted an un-requested two-step verification prompt. That action allowed the cyberattacker to access the email account which obtained patient names, medical numbers, and diagnostic information.
The email account did not contain any social security numbers, credit and debit card, or bank account numbers, officials said. The account has since been disabled.
Investigators didn't find any evidence that the attacker was looking for medial records, but data theft could not be ruled out.
In a news release, leaders at Michigan Medicine expressed regret about the incident, and said they'll be implementing more stringent technical safeguards on their email system and the infrastructure that supports it to prevent similar incidents in the future.
“We are constantly working to minimize the threat of patient data being exposed, and when incidents like this occur, we immediately take steps to investigate,” said Jeanne Strickland, Michigan Medicine chief compliance officer, in a statement.
“Patient privacy is of the utmost importance. At Michigan Medicine, we continue to be vigilant as cyberattacks become more and more sophisticated. We will analyze this incident and review our safeguards and make changes if needed to protect those we care for.”
Notices were mailed to the affected patients or their personal representatives starting September 26, 2024. Those concerned about the breach who do not receive a letter may call the toll-free Michigan Medicine Assistance Line: 1-877-225-2078. Calls will be answered Monday through Friday, 9 a.m. to 9 p.m. EST.
As a precautionary measure, all affected patients have been advised to monitor their medical insurance statements for any potential evidence of fraudulent transactions.
Michigan Medicine includes U-M Medical School and University of Michigan Health, which includes the C.S. Mott Children’s Hospital, Von Voigtlander Women’s Hospital, University Hospital, the Frankel Cardiovascular Center, Kellogg Eye Center, University of Michigan Health-West, University of Michigan Health-Sparrow and the Rogel Cancer Center.