Michigan Medicine is notifying individuals about the following data breach incidents:
- On July 30, a Michigan Medicine employee accepted an unsolicited multifactor authentication prompt, which allowed the cyberattacker to access the employee’s email account and its contents. During its investigation, Michigan Medicine did not find any evidence to suggest that the aim of the attack was to obtain patient health information, but data theft could not be ruled out. Michigan Medicine is notifying 57,891 individuals related to this incident. Read the press release about the July 30, 2024 data breach.
- Between May 23 and May 29, three Michigan Medicine employee email accounts were compromised due to a cyberattack. The accounts were disabled as soon as possible so no further access could take place. Michigan Medicine is notifying approximately 56,953 individuals about these events. Read the press release about the May 2024 data breach.