Aspire Rural Health System has informed state authorities that it has suffered a data breach impacting nearly 140,000 people.
Aspire provides emergency care, outpatient services, diagnostic testing, surgical procedures, and other healthcare services through a network of over 70 facilities across several counties in Michigan.
In notifications sent out to affected individuals, the healthcare organization said hackers had access to its network between November 4, 2024, and January 6, 2025.
An investigation concluded in mid-July showed that the attackers had stolen files containing personal information.
The Maine Attorney General’s Office has been informed that the data breach impacts 138,386 individuals.
The BianLian ransomware group took credit for the attack on Aspire in mid-February, claiming to have stolen financial and HR documents, databases, email communications, data on partners and providers, and patients’ personal and health information.
The BianLian gang has not been active since late March and it’s unclear what happened to the stolen Aspire data.
It’s not uncommon for healthcare data breaches to affect a large number of individuals, including millions.
Related: CPAP Medical Data Breach Impacts 90,000 People
Related: Northwest Radiologists Data Breach Impacts 350,000 Washingtonians
Related: Marketing, Law Firms Say Data Breaches Impact Over 200,000 People
Related: Farmers Insurance Data Breach Impacts Over 1 Million People
