Michigan Health System Faces Another Blow: State officials say that more than 1 million people were affected by the second hacking breach at a health system in Michigan this year.
On Tuesday, Michigan Attorney General Dana Nessel said that there had been a breach at HealthEC, a company that does work for Corewell Health’s sites in southeast Michigan. The breach let people’s personal and medical information get out.
Michigan Health System Faces Another Blow: Second Data Breach Exposes Over 1 Million Patients
The services offered by HealthEC are helping to “identify high-risk patients, close gaps in care, and recognize barriers to optimal care,” as stated in a press release.
It’s not clear what information was leaked, but the release said it could have been a person’s name, home, date of birth, Social Security number, medical diagnoses, mental or physical condition, health insurance information, treatment costs, bills and claims information, and more.
In the wake of the breach, letters were sent to patients on December 22 by Nessel’s office.
In a statement, Nessel said, “Health information is some of the most private information we have.” “People in Michigan have been victims of a lot of healthcare-related data breaches and need strong protection.” It is very important that the Michigan lawmakers follow the lead of many other states that require businesses that experience a data breach to notify the Department of Attorney General right away.
Corewell Health said it talked to the office of the attorney general before letting the public know.
Last month, Corewell Health said that a provider called Welltok had a data breach that let similar personal and medical details get out. There was an effect on more than 1 million people.
If you were affected by the data breach, Nessel’s office suggests that you change your passwords, call your bank or credit union, and maybe even put a scam alert on your credit file to protect your identity.
Michigan Indian Day 2023: Date, History, Facts about Michigan
Cyberattacks and data breaches have been happening all over the U.S. health system, and this is the most recent one.
Oklahoma’s Integris Health, which runs hospitals and primary care offices all over the state, said that someone illegal got into their data at the end of November. This was reported by KOCO 5, a local ABC News station.
Then, on Christmas Eve, the health system said that patients were getting messages from a group saying they were responsible for the data breach and would post the information on the dark web if they didn’t get paid.
Capital Health runs hospitals in Trenton and Pennington as well as primary care offices all over New Jersey. Last month, the company said it had been having network problems that it thought were caused by a “cybersecurity incident,” but it wasn’t clear if any personal information had been leaked.
Also, after Ardent Health Services found out about a ransomware attack on Thanksgiving Day, hospitals it runs, including two in New Jersey, had to send ambulances to other hospitals in the area and stop some treatments that were not necessary.