McLaren confirms it was hit with ransomware; disruptions to last until September

Chad Van Alstin | | Health Exec | Cybersecurity
money cybersecurity ransomware health IT data breach hacker

On Aug. 7, McLaren Health Care—a 13-hospital system in Michigan—announced it had been hit with a cyberattack, forcing it to postpone some non-emergency care services. Now, McLaren has confirmed the incident was a ransomware attack.

In an update posted on Aug. 16, McLaren said the ransomware attack is still affecting systems at its 113 hospitals, surgery centers, oncology centers, and other health clinics. Further, the health system said it expects disruptions to continue for the remainder of the month, adding that “cyber forensic investigations are ongoing.”

It is still not clear what information hackers were able to access. McLaren is currently investigating if any HIPAA-protected health information was taken.

As of time of reporting, no cybercrime groups have taken credit for the attack and no data from McLaren appears to be posted for sale on the dark web.

All patients seeking services at any McLaren facility are asked to bring any medical records they have with them to appointments, including prescription data and lab tests, as the health system has limited access to electronic health records. 

This attack marked the second for McLaren in less than a year. Last October, the health system was hit by ransomware, with hacker group Black Cat claiming credit. Medical records from 2.2 million patients were exposed in the breach.

Lawsuits from last year, filed by patients, are still pending.

Related Articles:

Hospital system in Michigan hit by cyberattack for second time in a year
North Korean hospital hacker indicted in the US
State attorneys general send warnings of Change Healthcare breach, urge residents to respond
Cybersecurity incident reporting rule would exclude insurers, vendors
Q&A: Healthcare cybersecurity advocate fears damage from Change Healthcare breach has only begun
Chad Van Alstin Health Imaging Health Exec
Chad Van Alstin

Chad is an award-winning writer and editor with over 15 years of experience working in media. He has a decade-long professional background in healthcare, working as a writer and in public relations.

Related Content

Data trove of 1.6M patient records discovered online
DOD contractor hit with $11M fine for health data mismanagement
FDA warns of cybersecurity vulnerabilities in patient monitors
Academic health system agrees to $8M settlement following data breach
Number of Americans impacted by Change Healthcare breach nears 200M
Report: 84% of healthcare organizations identified a data breach last year

Around the web

Cardiovascular Business
American Heart Association highlights importance of NIH as battle over Trump funding cuts continues

“Now more than ever, we must recognize that our country’s leadership in groundbreaking medical research spurs scientific innovation, improves public health and creates new innovations that save and improve lives nationwide,” Joseph C. Wu, MD, PhD, explained in a statement. 

Cardiovascular Business
Cardiologist questions FDA’s approval process for high-risk medical devices

The technology used to diagnose, treat and manage cardiovascular disease is always evolving, keeping FDA officials quite busy. But have the agency's standards been slipping in recent years? A cardiologist with Cedars-Sinai Medical Center explored that very question.

Cardiovascular Business
FDA announces new recall of Johnson & Johnson heart pumps over safety concerns

No devices need to be returned at this time. However, the FDA warned, using these heart pumps without reviewing the updated instructions could result in "serious injury or death.”