Connect with us

Hi, what are you looking for?

Tech & Science

Munson Healthcare hack goes undetected for nearly 3 months (Includes interview)

Munson Healthcare group, based in northern-Michigan, found that a number of employee email accounts had been hacked. Furthermore, the accessing of the accounts had been taking place across a period of for two and a half months. The issue led to personal healthcare related information being exposed (such as patent names, dates of birth, insurance information, together with medical information).

The data breach was discovered in January 2020 and it appears that the data breach would have taken place over a relatively wide window, between July 31, 2019 and October 22, 2019 (the actual date cannot be determined). the types of data exposed may also have included financial information.

The number of people impacted has not been declared. In response to the incident, Munson Healthcare issued the following statement: “This incident does not affect all patients of Munson Healthcare and not all information was included for all individuals. Munson Healthcare is now notifying affected individuals so that they can take steps to protect their information.”

To learn more about the data breach and the wider implications for businesses, Digital Journal caught up with Piyush Pandey, CEO of ERP data security leader Appsian.

Pandey notes that the “data breach illustrates the importance of real-time access management, especially in environments where sensitive information is stored.”

With this time-based factor, Pandey notes that “the longer a hacker is able to maintain access, the more time they have to move laterally through systems to collect information and the harder it is to assess the damage after the attack has been discovered.”

looking into the specific issue, Pandey says that “an attacker was able to remain undetected for months, compromising highly sensitive data including health and financial information. ”

In terms of preventative actions, Pandey recommends: “Similar organizations should consider implementing individual access management tools as they allow administrators to be alerted to suspicious activity immediately, significantly reducing the amount of information exposed as well as shortening recovery time.”

Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:


In a 6-3 ruling, the Supreme Court ruled against the EPA, hindering the government from tackling the climate crisis.


President Joe Biden is in favor of dropping the filibuster rule so that Congress can codify abortion rights.


You can’t just ring someone and ask them to fix America. Where would you get the parts, to start with?


Sonny Barger, founder of the Hells Angels motorcycle club -- seen here in August 2003 -- passed away at the age of 83 after...