McLaren Health System Hit by Second Cyberattack in a Year, Disrupting Operations Across 13 Facilities
McLaren Health System confirmed that a criminal cyberattack caused a technology disruption earlier this week, affecting all 13 of its facilities, including locations in northern Michigan such as Petoskey and Cheboygan. The incident marks the second attack on the health system in 12 months, though officials stated the two events are unrelated.
The disruption began Monday, with phones and computers going offline. While McLaren’s IT team, alongside external cybersecurity experts, continues to investigate the attack and mitigate its impact, it remains unclear whether patient or employee data was compromised. Patients have been advised to attend scheduled appointments but to bring copies of their medical information as a precaution.
This latest breach follows a ransomware attack in August 2023, for which the BlackCat/AlphV gang claimed responsibility. The group alleged it stole 6 terabytes of data, including the personal information of 2.5 million patients. The incident reflects a broader trend of escalating cyber threats against healthcare providers. According to the U.S. Department of Health and Human Services, cyberattacks on hospitals and health systems surged by 93% from 2018 to 2022, with ransomware-related breaches increasing by 278%. Such attacks have led to care disruptions, patient diversions, and delayed medical procedures, posing risks to patient safety.
Healthcare systems remain prime targets for cybercriminals due to the vast amounts of sensitive data they store, including medical records, financial details, and personally identifiable information. McLaren issued an apology for the inconvenience caused by the attack, acknowledging the disruption to patients, families, and visitors.
McLaren Health Care cybersecurity rating report: https://www.rankiteo.com/company/mclaren-health-care
"id": "MCL1774745246",
"linkid": "mclaren-health-care",
"type": "Cyber Attack",
"date": "8/2024",
"severity": "100",
"impact": "7",
"explanation": "Attack that could injure or kill people"{'affected_entities': [{'customers_affected': 'Patients across 13 facilities',
'industry': 'Healthcare',
'location': 'Michigan, USA',
'name': 'McLaren Health System',
'type': 'Healthcare Provider'}],
'customer_advisories': 'Patients advised to attend scheduled appointments but '
'to bring copies of their medical information as a '
'precaution',
'description': 'McLaren Health System confirmed that a criminal cyberattack '
'caused a technology disruption earlier this week, affecting '
'all 13 of its facilities, including locations in northern '
'Michigan such as Petoskey and Cheboygan. The incident marks '
'the second attack on the health system in 12 months, though '
'officials stated the two events are unrelated. The disruption '
'began Monday, with phones and computers going offline. While '
'McLaren’s IT team, alongside external cybersecurity experts, '
'continues to investigate the attack and mitigate its impact, '
'it remains unclear whether patient or employee data was '
'compromised. Patients have been advised to attend scheduled '
'appointments but to bring copies of their medical information '
'as a precaution.',
'impact': {'brand_reputation_impact': 'Acknowledged disruption to patients, '
'families, and visitors',
'data_compromised': 'Unclear whether patient or employee data was '
'compromised',
'operational_impact': 'Disruption to operations, patients advised '
'to bring medical information as precaution',
'systems_affected': 'Phones and computers offline across 13 '
'facilities'},
'investigation_status': 'Ongoing',
'references': [{'source': 'U.S. Department of Health and Human Services'}],
'response': {'communication_strategy': 'Apology issued for inconvenience, '
'patients advised to bring medical '
'information',
'third_party_assistance': 'External cybersecurity experts'},
'title': 'McLaren Health System Hit by Second Cyberattack in a Year, '
'Disrupting Operations Across 13 Facilities',
'type': 'Cyberattack'}