McLaren Healthcare: 2.2M Patients’ Data Stolen in Ransomware Breach
Michigan-based healthcare provider McLaren Health Care has confirmed a data breach compromising the personal health information of millions of patients. The cyberattack took place earlier this year and was later claimed by the ransomware gang known as AlphV/Blackcat. The hacker gained access to patient names, dates of birth, social security numbers, and medical information. McLaren is now facing multiple class-action lawsuits related to the breach.
Table of Contents: McLaren Healthcare: 2.2M Patients’ Data Stolen in Ransomware Breach
- McLaren Healthcare Confirms Cyberattack Compromising Millions of Patient Health Information
- Ransomware Gang Takes Credit for McLaren Healthcare Cyberattack
- New Data Breach Notice Filed by Michigan Attorney General against McLaren Healthcare
- Hacker Accesses Patient Information, Including Social Security Numbers, at McLaren Healthcare
- McLaren Healthcare Cyberattack Exposes Patient Diagnoses and Medical Treatment Details
- McLaren Healthcare Faces Class Action Lawsuits Following Cyberattack
McLaren Healthcare Confirms Cyberattack Compromising Millions of Patient Health Information
McLaren Health Care, a large healthcare provider in Michigan, has recently confirmed that it suffered a cyberattack that compromised the health information of millions of its patients. This attack involved a ransomware gang, ALPHV/BlackCat, gaining access to the company’s systems for three weeks between July and August of this year. The data breach notice filed with the state’s Attorney General’s office indicates that the hackers had access to patient names, dates of birth, Social Security numbers, wealth management information, Medicare and Medicaid information, including bills, claims, diagnoses, and prescription details. The incident, which was discovered in October, has led to the filing of several class action lawsuits against McLaren. The company has since taken steps to secure its systems and notify affected patients.
Ransomware Gang Takes Credit for McLaren Healthcare Cyberattack
Michigan-based health system McLaren Health Care confirmed that a ransomware gang known as Alphv/BlackCat is responsible for the cyberattack that compromised the personal information of over 3 million patients in 2021.
Alphv/BlackCat claimed responsibility for the cyberattack in a new data breach notification filed with the Maine Attorney General.
In the cyberattack that took place between July and August 2021, the hackers gained access to names, dates of birth, Social Security numbers, wealth management information, Medicare and Medicaid information, including bills, claims, diagnosis information, prescription medication details and information related to diagnostic results and treatment of patients.
New Data Breach Notice Filed by Michigan Attorney General against McLaren Healthcare
The Michigan Attorney General’s office has announced that McLaren Health Care has filed a new data breach notice following a cyberattack earlier this year. The health care provider said that hackers accessed its systems for three weeks in July and August, and accessed patient names, dates of birth, Social Security numbers, Medicare/Medicaid information, billing and claims information, diagnosis information, prescription medication details, and information related to diagnostic results, treatment, and Medicare/Medicaid patient information. Approximately 1.3 million patients were affected by the breach. McLaren has provided a website for affected patients to check if their information was compromised. The company is offering free credit monitoring and identity theft protection services to those affected. The Michigan Attorney General’s office is investigating the breach and has warned state residents that they could be at risk of identity theft.
Hacker Accesses Patient Information, Including Social Security Numbers, at McLaren Healthcare
On August 4, 2022, McLaren Health Care, a Michigan-based healthcare provider, disclosed that a hacker accessed their system and obtained sensitive personal information of their patients. The affected information includes names, dates of birth, Social Security numbers, Medicare and Medicaid information, billing and claims information, diagnoses, test results, prescription information, and other protected health information relating to medical diagnoses, treatment, and test results. McLaren became aware of the breach on October 27 and immediately launched an internal investigation. They also notified the Michigan Attorney General’s office and are cooperating with law enforcement. Currently, McLaren is offering free credit monitoring services to those affected by the breach.
McLaren Healthcare Cyberattack Exposes Patient Diagnoses and Medical Treatment Details
The McLaren Health Care cyberattack exposed the personal health information of millions of patients. The attack, which was carried out by the ALPHV ransomware gang, also known as BlackCat, compromised the systems of the Michigan-based healthcare provider for three weeks in July and August.
The data breach notice filed with the Maine Attorney General’s office said that hackers accessed patient names, dates of birth, Social Security numbers, wealth management information, Medicare and Medicaid information, including bills, claims, diagnoses, treatment information, prescription and medication details, and information related to diagnostic results and treatment. The attack also impacted McLaren Health Care providers, hospitals, and clinics across Michigan.
The incident, which was disclosed in October, was the second major cyberattack to hit McLaren in recent years. In 2021, the health system was hit by a ransomware attack that forced it to shut down its computer systems for several days.
McLaren Healthcare Faces Class Action Lawsuits Following Cyberattack
McLaren Health Care, a prominent healthcare provider in Michigan, has been hit with class action lawsuits in the wake of a cyberattack that compromised the sensitive health information of millions of patients. The attack, which was carried out by the notorious ransomware gang Alphv/BlackCat, took place earlier this year and involved unauthorized access to the company’s systems for three weeks in July and August.
In a data breach notification filed with the state’s Attorney General, McLaren confirmed that the hackers gained access to patient names, dates of birth, Social Security numbers, wealth management information, Medicare and Medicaid information, including billing, claims, diagnoses, and prescription details, as well as information related to diagnostic results, treatment plans, and medications.
The attack affected over 1.6 million individuals, and the lawsuits allege that McLaren failed to implement adequate security measures to protect patient data. One lawsuit, filed on behalf of a Michigan resident whose information was compromised, accuses McLaren of negligence, breach of contract, and violation of Michigan’s Consumer Protection Act. Another lawsuit, filed by a class of McLaren patients, alleges that the health system’s inadequate security measures exposed patients to potential fraud, identity theft, and other damages.
The lawsuits are seeking class action status, which would allow all affected patients to join the litigation and potentially recover damages for the alleged violations. McLaren has yet to respond to the lawsuits, but the class action filings underscore the growing legal risks and reputational damage that healthcare providers face in the wake of cyberattacks.