Michigan Medicine

Michigan Medicine was targeted in a cyber attack that lured employees to a webpage that got them to enter their login information.

Four Michigan Medicine employees entered login information and accepted multifactor authentication prompts which gave attackers to access their email accounts and resulted in a breach.

The incident compromised the patients' names, addresses, birth dates, treatment information, medical record numbers, and health insurance information of about 33,850 patients.

Michigan Medicine took steps immediately to investigate the matter and implemented additional safeguards to reduce risk to our patients.

Source: https://healthitsecurity.com/news/michigan-medicine-notifies-33k-patients-of-phishing-attack

TPRM report: https://scoringcyber.rankiteo.com/company/michigan-medicine

"id": "mic05131122",
"linkid": "michigan-medicine",
"type": "Cyber Attack",
"date": "08/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"

{'affected_entities': [{'customers_affected': 33850,
                        'industry': 'Healthcare',
                        'location': 'Michigan',
                        'name': 'Michigan Medicine',
                        'type': 'Healthcare Provider'}],
 'attack_vector': 'Phishing',
 'data_breach': {'number_of_records_exposed': 33850,
                 'personally_identifiable_information': ['Names',
                                                         'Addresses',
                                                         'Birth Dates',
                                                         'Medical Record '
                                                         'Numbers',
                                                         'Health Insurance '
                                                         'Information'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personally Identifiable '
                                              'Information',
                                              'Health Information']},
 'description': 'Michigan Medicine was targeted in a cyber attack that lured '
                'employees to a webpage that got them to enter their login '
                'information. Four Michigan Medicine employees entered login '
                'information and accepted multifactor authentication prompts '
                'which gave attackers access to their email accounts and '
                "resulted in a breach. The incident compromised the patients' "
                'names, addresses, birth dates, treatment information, medical '
                'record numbers, and health insurance information of about '
                '33,850 patients. Michigan Medicine took steps immediately to '
                'investigate the matter and implemented additional safeguards '
                'to reduce risk to our patients.',
 'impact': {'data_compromised': ['Names',
                                 'Addresses',
                                 'Birth Dates',
                                 'Treatment Information',
                                 'Medical Record Numbers',
                                 'Health Insurance Information'],
            'systems_affected': ['Email Accounts']},
 'title': 'Michigan Medicine Cyber Attack',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Human Error'}

Michigan Medicine

Dansons

TEP Holdings, LLC

Bolton Global