McLaren confirms it was hit with ransomware; disruptions to last until September

On Aug. 7, McLaren Health Care—a 13-hospital system in Michigan—announced it had been hit with a cyberattack, forcing it to postpone some non-emergency care services. Now, McLaren has confirmed the incident was a ransomware attack.

In an update posted on Aug. 16, McLaren said the ransomware attack is still affecting systems at its 113 hospitals, surgery centers, oncology centers, and other health clinics. Further, the health system said it expects disruptions to continue for the remainder of the month, adding that “cyber forensic investigations are ongoing.”

It is still not clear what information hackers were able to access. McLaren is currently investigating if any HIPAA-protected health information was taken.

As of time of reporting, no cybercrime groups have taken credit for the attack and no data from McLaren appears to be posted for sale on the dark web.

All patients seeking services at any McLaren facility are asked to bring any medical records they have with them to appointments, including prescription data and lab tests, as the health system has limited access to electronic health records. 

This attack marked the second for McLaren in less than a year. Last October, the health system was hit by ransomware, with hacker group Black Cat claiming credit. Medical records from 2.2 million patients were exposed in the breach.

Lawsuits from last year, filed by patients, are still pending.

Chad Van Alstin Health Imaging Health Exec

Chad is an award-winning writer and editor with over 15 years of experience working in media. He has a decade-long professional background in healthcare, working as a writer and in public relations.

Around the web

Compensation for heart specialists continues to climb. What does this say about cardiology as a whole? Could private equity's rising influence bring about change? We spoke to MedAxiom CEO Jerry Blackwell, MD, MBA, a veteran cardiologist himself, to learn more.

The American College of Cardiology has shared its perspective on new CMS payment policies, highlighting revenue concerns while providing key details for cardiologists and other cardiology professionals. 

As debate simmers over how best to regulate AI, experts continue to offer guidance on where to start, how to proceed and what to emphasize. A new resource models its recommendations on what its authors call the “SETO Loop.”