Breach cyber

Michigan Medicine

Aug 15, 2022 1 min read
Michigan Medicine

On November 10, 2022, the Vermont Office of the Attorney General reported a data breach involving Michigan Medicine that occurred from August 15 to August 23, 2022, due to a phishing attack targeting its employees. The breach potentially exposed identifiable patient information, including names, medical record numbers, addresses, dates of birth, and health insurance information; however, the specific number of individuals affected is unknown.

Source: https://ago.vermont.gov/document/2022-11-10-michigan-medicine-data-breach-notice-consumers

TPRM report: https://www.rankiteo.com/company/michigan-medicine

"id": "mic514072725",
"linkid": "michigan-medicine",
"type": "Breach",
"date": "8/2022",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Healthcare',
                        'location': 'Michigan',
                        'name': 'Michigan Medicine',
                        'type': 'Healthcare'}],
 'attack_vector': 'Phishing',
 'data_breach': {'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['names',
                                              'medical record numbers',
                                              'addresses',
                                              'dates of birth',
                                              'health insurance information']},
 'date_detected': '2022-08-23',
 'date_publicly_disclosed': '2022-11-10',
 'description': 'A data breach at Michigan Medicine occurred from August 15 to '
                'August 23, 2022, due to a phishing attack targeting its '
                'employees. The breach potentially exposed identifiable '
                'patient information, including names, medical record numbers, '
                'addresses, dates of birth, and health insurance information.',
 'impact': {'data_compromised': ['names',
                                 'medical record numbers',
                                 'addresses',
                                 'dates of birth',
                                 'health insurance information']},
 'initial_access_broker': {'entry_point': 'Phishing email'},
 'post_incident_analysis': {'root_causes': 'Phishing attack targeting '
                                           'employees'},
 'references': [{'date_accessed': '2022-11-10',
                 'source': 'Vermont Office of the Attorney General'}],
 'title': 'Michigan Medicine Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Human'}
Published by
Jeremy C
Jeremy C
You might also like
Breach cyber

Gainsight

public 2 min read
Gainsight, a customer success platform, suffered a breach linked to its Salesforce-connected app, initially flagged by Salesforce due to unusual…
Jeremy C Jeremy C
Breach cyber

Gainsight

public 2 min read
Gainsight, a customer success management software firm, experienced a breach in its systems that compromised Salesforce customer tokens. The incident…
Jeremy C Jeremy C
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.