Michigan healthcare organization says ransomware breached data of 185,000

A ransomware attack in late 2023 exposed the personal data of nearly 185,000 people, a nonprofit Michigan healthcare organization reported Wednesday.

Cherry Street Services, also known as Cherry Health, said in a regulatory filing that the breach occurred on December 21 and was discovered on Christmas Eve.

The data breach notification filed with the office of Maine’s attorney general said the cause was ransomware, and that the attackers had accessed financial information such as credit card numbers and related security codes or passwords. 

So far Cherry Health has identified 184,372 potential victims. It has not specified the exact nature of the attack or the ransomware group involved. The organization did not immediately respond to questions from Recorded Future News. 

Cherry Health, based in Grand Rapids, operates in six Michigan counties and “offers high-quality health care to everyone, regardless of their ability to pay.” 

In early January the organization issued a statement citing a “network disruption,” and later in the month identified the event as a “cybersecurity incident.” It continued notifying potentially affected people in February. 

The 2023 holiday season saw several cyberattacks on healthcare institutions, including a Massachusetts hospital, a Seattle cancer center and an Australian provider.