Michigan Medicine Data Breach (2019)

Around 5,500 patients of the Michigan Medicine are getting notified regarding the phishing email campaign, which might have exposed a few of their PHI (Protected Health Information). In July 2019, employees of the Michigan Medicine were targeted in a huge scale phishing campaign. More than 3,200 employees of Michigan Medicine have received phishing emails having a malicious link, which when clicked directed to a webpage looking like legitimate site requesting the user's email account username and password. Three employees have responded to this phishing emails and then disclosed their credentials, as a result of which the perpetrator gain access to the email accounts of those employees'. These accounts were then further used for sending more phishing emails. Suspicious activity in this email accounts were detected by Michigan Medicine on 8th, 9th and 12th July of 2019.