The websites of University of Michigan Health were compromised Monday morning as part of a coordinated cyberattack by the pro-Russia hacker group Killnet.
The group is known for shutting down public and government websites around the world, including in Romania, Moldova, Japan, Latvia, Germany and the U.S. The group attacked the sites of Lockheed Martin and several U.S. airports last year.
Monday’s attack targeted U.S. hospital systems, including Stanford Health Care at Stanford University, Thomas Jefferson University Hospital in Philadelphia, Duke University Hospital in Durham, N.C., and several others including UM Health and its children’s hospital, C.S. Mott.
Related: Michigan Medicine suffers another data breach following cyberattack
The group is known for distributed denial of service, or DDoS, attacks that make a website inaccessible to users. This attack hit the third-party vendor of the hospitals’ websites, which contained no patient information.
“University of Michigan Health has been experiencing intermittent problems with its public websites as a result of a cyberattack on a third-party vendor we use to host some of our sites,” the health system said in an emailed statement to Crain’s. “We are working with the third-party to mitigate it and expect to have our sites functional as soon as possible.”
By Monday afternoon, all of the UM sites were operating again.
Michigan Medicine, the parent organization of the hospitals and the health system, has been hit with several cyberattacks in the last 12 months.
The health system was hacked in August after four employees fell for an email phishing scam that lured them to a web page asking for log-in information and fake multifactor authentication prompts. The information of 33,850 patients was compromised by the attack, though there was no evidence the attack was designed to access patient information, Still, UM could not rule out data theft that may have included patient information.
Not a Modern Healthcare subscriber? Sign up today.
Some of the workers’ emails contained patient information, such as names, medical record numbers, addresses, birth dates, treatment information and health insurance data, the system said in a news release.
One patient’s Social Security number was involved.
In March, Michigan Medicine notified nearly 3,000 patients of a data breach of their health information from a similar phishing scam.
Also in March, Ascension Michigan — the subsidiary of St. Louis-based Ascension Health that operates four hospitals in the state — announced a data breach that exposed personal information of more than 27,000 patients.
More than 550 U.S. hospitals reported data breaches in 2021, exposing the information of more than 40 million patients, according to data from the U.S. Health and Human Services’ Office for Civil Rights.
This story first appeared in Crain’s Detroit Business.
