McLaren Health Care, a Michigan-based healthcare delivery system, has recently informed approximately 2.2 million individuals about a data breach compromising their personal information. The breach, occurring between late July and August, was only detected after the hackers had accessed McLaren’s systems. The compromised data includes Social Security numbers, health insurance details, medical records, and diagnostic and treatment information.
The breach was claimed by the notorious ransomware gang BlackCat/ALPHV in October, though McLaren has not confirmed any ransom demands or payments. This incident has led to several lawsuits against McLaren for inadequate data security measures. McLaren, which operates numerous hospitals in Michigan and employs about 28,000 people, responded swiftly to the breach by investigating and securing its systems, identifying affected individuals, and notifying federal law enforcement.
To mitigate the impact, McLaren is guiding affected individuals on protecting against identity theft and fraud. This includes advice on reporting suspicious activities to credit card companies and banks, placing fraud alerts and security freezes on credit files, and obtaining free credit reports. They are also encouraged to report identity theft and fraud to the Federal Trade Commission, state Attorney General, and law enforcement.
Michigan Attorney General Dana Nessel highlighted the vulnerability of information infrastructure, emphasizing the responsibility of organizations handling sensitive data to implement robust cybersecurity measures. The healthcare sector is increasingly targeted by cybercriminals due to the vast amount of sensitive data it holds. For instance, HCA Healthcare and Practice Resources (PRL) also suffered significant breaches, impacting millions.
Sarah Jones, a cyber threat intelligence research analyst, notes the average cost of healthcare data breaches has risen to nearly $11 million, a 53% increase since 2020. The extended access period by BlackCat/ALPHV to McLaren’s systems reflects a shift in cybercriminal tactics, aiming for minimal detection and maximized efforts. The evolving cyber threats, compounded by rapid technological advancements in healthcare, underscore the urgent need for the industry to prioritize and invest in cybersecurity to protect patients.
Source: Cyber Security Hub
To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net or you can try your self using check.website.