Michigan Healthcare Provider McLaren Confirms Cyberattack Compromised Data of 2.2 Million Patients

McLaren Health Care, a Michigan-based healthcare provider, has confirmed a cyberattack that compromised the sensitive personal and health information of 2.2 million patients. The cyberattack, attributed to the Alphv ransomware gang (also known as BlackCat), occurred between July 28 and August 23, and McLaren discovered the breach on August 31. The hackers accessed patient names, date of birth, Social Security numbers, and extensive medical information, including billing details, claims, diagnosis information, prescriptions, and more. McLaren faces at least three class action lawsuits related to the cyberattack.

Key Points:

1. Scope of Breach:
   • The cyberattack on McLaren Health Care compromised the sensitive personal and health information of 2.2 million patients, including patient names, date of birth, Social Security numbers, medical billing, claims, diagnosis information, prescriptions, and more.
2. Attack Timeline:
   • The hackers were in McLaren’s systems for three weeks between July 28 and August 23. McLaren discovered the breach on August 31, a week after the attackers had access to the healthcare provider’s systems.
3. Attribution to Alphv Ransomware Gang:
   • The cyberattack has been attributed to the Alphv ransomware gang, also known as BlackCat. The gang claimed responsibility for the incident, stating that it had accessed millions of patients’ personal information.
4. Evidence of Access:
   • The Alphv/BlackCat ransomware gang posted screenshots on its dark web leak site, demonstrating access to McLaren’s password manager, internal financial statements, employee information, and spreadsheets containing patient-related personal and health information.
5. Lawsuits and Legal Action:
   • McLaren currently faces at least three class action lawsuits related to the cyberattack. The legal actions are likely to address issues of data protection, privacy, and potential negligence in safeguarding patient information.
6. Limited Company Response:
   • McLaren spokesperson David Jones declined to provide additional information beyond the public statement, including whether the company received a ransom demand or paid the hackers. The chief information security officer, George Goble, was not made available for an interview.

Conclusion:
The confirmed cyberattack on McLaren Health Care, resulting in the compromise of 2.2 million patients’ data, underscores the ongoing cybersecurity challenges faced by healthcare providers. The incident highlights the importance of robust cybersecurity measures, prompt detection of breaches, and transparent communication with affected individuals. The legal actions against McLaren also underscore the potential consequences for organizations that fail to adequately protect sensitive health information from cyber threats.

techcrunch