Cyber Incident Victim: Cancer and Hematology Centers of Western Michigan
Date: Dec 2021
Location: United States of America
Summary
A ransomware attack compromised the Cancer and Hematology Centers of Western Michigan, impacting 43,071 individuals. Exposed data included patient names, Social Security numbers, and health records. Following the incident, the organization strengthened its security protocols and engaged third-party monitoring services to enhance protection against future threats. The breach underscored a broader trend in healthcare: attackers targeting specialized clinics and smaller entities alongside traditional providers.

| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |

| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |

Description
On or around December 31, 2021, Cancer and Hematology Centers of Western Michigan experienced a ransomware attack that compromised the personal and health information of 43,071 individuals. The cyberattack exposed sensitive patient data including full names, Social Security numbers, and health records. The incident represented a significant breach of protected health information (PHI) within the specialty oncology care sector. While the exact duration of unauthorized system access was not disclosed, the attack disrupted normal operations at the Michigan-based cancer treatment provider. No explicit details were provided regarding the specific ransomware variant used or the initial attack vector employed by the threat actors. The center did not confirm whether the attackers exfiltrated data before deploying encryption, nor did it disclose whether a ransom demand was issued or paid. The breach notification indicated that patient data was accessed and potentially acquired by unauthorized parties during the security incident.

In response to the ransomware incident, Cancer and Hematology Centers implemented strengthened security protocols across its systems. The organization partnered with third-party cybersecurity monitors to enhance network surveillance and threat detection capabilities. While specific technical safeguards were not detailed, these measures aimed to prevent similar future breaches. The center notified affected individuals about the exposure of their sensitive personal and medical information but did not report any confirmed cases of identity theft or medical fraud resulting directly from the breach. No information was provided regarding system restoration timelines, data recovery efforts, or whether law enforcement agencies were involved in investigating the attack. The organizational response focused on procedural improvements and external partnerships rather than disclosing specific containment actions taken during the incident.
