McLaren Oakland Hospital in Pontiac. Photo courtesy of McLaren Oakland.
McLaren Health Care had a ransomware attack that could compromise the health information of large numbers of patients, according to a release from Michigan Attorney General Dana Nessel.
McLaren operates a hospital in Pontiac and an emergency center in Clarkston, as well as other health care facilities around Oakland County.
Ransomware is a form of malware that can disable a company’s entire network, the release said.
“The cybercriminal typically steals data from the system before encrypting the network. The stolen data is held hostage until the ransom is paid,” the release said.
“Cybercriminal gang ALPHV (or BlackCat) has claimed responsibility for the theft of the sensitive personal health information of 2.5 million McLaren patients. This group has also been linked to the MGM Resorts and other cyberattacks. In a message posted on the dark web last week, ALPHV claimed the McLaren data was on the dark web and would be released in a few days unless a ransomware payment was received.”
The number and identity of affected patients is unknown, as is the type of personal health information.
“This attack shows, once again, how susceptible our information infrastructure may be,” Nessel said. “Organizations that handle our most personal data have a responsibility to implement safety measures that can withstand cyber-attacks and ensure that a patient’s private health information remains private.”
Nessel’s statement said McLaren has acknowledged the ransomware attack in media interviews, saying it was “…investigating reports that some of [its] data may be available on the dark web and will notify individuals whose information was impacted, if any, as soon as possible.”
McLaren said it had found no evidence to suggest the group still has access to its IT systems, Nessel’s release said. The healthcare provider has retained security experts and is in touch with law enforcement.
The release said McLaren reportedly detected suspicious activity in its IT systems in August and later confirmed the ransomware attack. Its computer network was taken offline while the incident was investigated. This caused disruption across its health care facilities, although health care services continued to be provided at all locations and patient care was unaffected.
“Time is of the essence when a breach occurs to ensure affected individuals can take the necessary steps to protect their identities,” Nessel said.
McLaren officials declined to comment directly to The Oakland Press.
McLaren is a 15-hospital integrated health care system based in Grand Blanc. Among its facilities is Michigan’s largest network of cancer centers and providers.
Besides taking steps to protect your medical information, it is important to know the warning signs when someone is using your medical information. The signs include:
– A bill from your doctor for services you did not receive
– Errors in your Explanation of Benefits (EOB) statement like services you never received or prescription medications you don’t take
– A call from a debt collector about a medical debt you don’t owe
– Medical debt collection notices on your credit report that you don’t recognize
– A notice from your health insurance company indicating you have reached your benefit limit; or you are denied insurance coverage because your medical records show a pre-existing condition you don’t have.
Cyberattacks in the healthcare sector have increased in recent years and the severity of healthcare data breaches is increasing. The largest data breach so far in 2023 compromised more than 8 million records. Of the 11 biggest data breaches of 2022, eight occurred at hospitals or health systems, the release said.
Ransomware is one of the most common attack vectors against healthcare organizations. The FBI received 870 complaints of ransomware attacks last year — 210 from health care entities, more than any other sector.
The health care industry is one of the most likely to be targeted by cyber-attacks because of the sheer volume of protected health information stored on its systems. Health care data breaches are very expensive to remedy, with the average breach costing more than $11 million.
If you receive a notification letter or hear news about a data breach at one of your medical providers, take these steps to secure your medical and financial accounts:
– Change the passwords on medical portals that you use.
– Check EOBs from your insurers carefully.
– Contact your bank and credit card issuers and ask them to put an alert on your accounts.
For more information on how to respond to data breaches, go to https://www.michigan.gov/ag/consumer-protection/consumer-alerts/consumer-alerts/id-theft-telemarketing/data-breaches.