Cybersecurity Breach at Michigan Fertility Clinic Exposes Patient Data
On October 22, 2025, Reproductive Medicine Associates of Michigan (RMA), a fertility clinic based in Troy, detected unauthorized activity within its systems. A subsequent investigation by third-party cybersecurity experts confirmed that an unknown threat actor had accessed and exfiltrated files from the clinic’s network.
The breach’s full scope remains under review, as RMA conducts a detailed analysis to identify what protected health information (PHI) and personally identifiable information (PII) may have been compromised. The exact number of affected individuals has not yet been determined, and impacted patients will receive direct notifications once the review is complete.
In response, RMA secured its systems, engaged cybersecurity specialists, and reported the incident to federal law enforcement and the U.S. Department of Health and Human Services. The clinic has established a dedicated assistance line (947-209-5587) for affected individuals and provided guidance on monitoring credit reports, placing fraud alerts, and contacting major credit bureaus (Equifax, Experian, and TransUnion).
The investigation is ongoing, with further details expected as the review progresses.
Source: https://www.claimdepot.com/data-breach/reproductive-medicine-associates-of-michigan-2026
Reproductive Medicine Associates of Michigan cybersecurity rating report: https://www.rankiteo.com/company/reproductive-medicine-associates-of-michigan
"id": "REP1768344028",
"linkid": "reproductive-medicine-associates-of-michigan",
"type": "Breach",
"date": "10/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'industry': 'Healthcare',
'location': 'Troy, Michigan',
'name': 'Reproductive Medicine Associates of Michigan',
'type': 'Fertility Clinic'}],
'customer_advisories': 'Monitor for identity theft or fraud, obtain free '
'credit reports, place fraud alerts or security '
'freezes, contact credit bureaus (Equifax, Experian, '
'TransUnion)',
'data_breach': {'data_exfiltration': 'Yes',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Protected Health Information '
'(PHI)',
'Personally Identifiable '
'Information (PII)']},
'date_detected': '2025-10-22',
'description': 'On Oct. 22, 2025, Reproductive Medicine Associates of '
'Michigan discovered suspicious activity within its systems. '
'An investigation revealed that an unknown actor gained '
'unauthorized access and copied certain files from the '
'clinic’s network. The review of affected files to determine '
'exposed PHI and PII is ongoing.',
'impact': {'data_compromised': 'Protected Health Information (PHI), '
'Personally Identifiable Information (PII)',
'identity_theft_risk': 'High',
'systems_affected': 'Clinic’s network'},
'investigation_status': 'Ongoing',
'recommendations': 'Monitor accounts and credit reports, place fraud alerts '
'or security freezes, report suspicious activity to '
'financial institutions',
'references': [{'source': 'Reproductive Medicine Associates of Michigan '
'Notice of Data Privacy Event'}],
'regulatory_compliance': {'regulatory_notifications': 'U.S. Department of '
'Health and Human '
'Services'},
'response': {'communication_strategy': 'Website notice, direct mail to '
'affected individuals, dedicated '
'assistance line',
'containment_measures': 'Secured network',
'incident_response_plan_activated': 'Yes',
'law_enforcement_notified': 'Federal law enforcement, U.S. '
'Department of Health and Human '
'Services',
'third_party_assistance': 'Cybersecurity experts'},
'threat_actor': 'Unknown',
'title': 'Unauthorized Access and Data Exfiltration at Reproductive Medicine '
'Associates of Michigan',
'type': 'Data Breach'}