Malware

Breaking: McLaren Health Care Discloses Massive Data Breach Affecting 2.2 Million Individuals

Breaking news: McLaren Health Care reveals a major data breach impacting 2.2 million individuals. Stay informed on this alarming breach and its potential consequences.

Published

10 months ago

on

Mclaren Health Care Reports Data Breach Impacting 2.2 Million People

Mclaren Health Care (Mclaren) has notified nearly 2.2 million individuals of a data breach that occurred between late July and August of this year. The breach resulted in the exposure of sensitive personal information.

About Mclaren Health Care

Mclaren Health Care is a non-profit healthcare system with an annual revenue of $6.6 billion. It operates an extensive network across Michigan, which includes 14 hospitals with a total bed capacity of 2,624. The organization is supported by a team of 490 physicians and has a workforce of 28,000 full-time staff. Additionally, Mclaren maintains contractual relationships with 113,000 providers, extending its reach into Indiana.

Notification and Impact

Mclaren has published a statement on its website regarding the intrusion and has also notified US authorities. The organization has taken steps to inform all individuals affected by the incident.

The security breach was identified by Mclaren on August 22, 2023. Further investigations, conducted with the assistance of external cybersecurity experts, revealed that the breach had compromised its systems since July 28, 2023.

Evidence shows that an unauthorized threat actor accessed data on August 31. By October 10, it was confirmed that the following data types had been exposed:

  • Full name
  • Social Security number (SSN)
  • Health insurance information
  • Date of birth
  • Billing or claims information
  • Diagnosis
  • Physician information
  • Medical record number
  • Medicare/Medicaid information
  • Prescription/medication information
  • Diagnostic results and treatment information

The specific types of data exposed vary for each individual, depending on the information they shared with Mclaren and the services they received.

Response and Recommendations

All impacted individuals will receive a notification via email, containing instructions on how to enroll in identity protection services for 12 months.

Mclaren has stated that there is currently no evidence of cybercriminals misusing the exposed data. However, they urge affected individuals to exercise caution with unsolicited communications and closely monitor their bank account activity.

“While there is currently no evidence that your information has been misused, we recommend that you remain vigilant, monitor and review all of your financial and account statements and explanations of benefits, and report any unusual activity to the institution of record and to law enforcement.” – Mclaren

ALPHV/BlackCat Ransomware Attack

Although Mclaren does not provide extensive details about the cyberattack, it is worth noting that the ALPHV/BlackCat ransomware group claimed responsibility for an attack on Mclaren’s network on October 4.

Mclaren claimed by BlackCat ransomware in October (Source: BleepingComputer)

The threat actors have released samples of the allegedly stolen data from Mclaren and have threatened to auction the entire dataset, which they claim impacts 2.5 million individuals.

Related Topics:

Leave a Reply

Your email address will not be published. Required fields are marked *

Trending

Exit mobile version