Michigan Hospital System Victim of Ransomware Attack

It seems as if each day, there's another ransomware attack. Now, a Michigan hospital system is the victim of a new ransomware attack. This particular attack was a large one, and details are still emerging regarding if patients' information was compromised.

McLaren Health Care hospitals have reported that beginning Tuesday (Aug. 6), their IT and phone systems were disrupted due to an attack associated with to the INC Ransom ransomware operation. INC Ransom is a "ransomware-as-a-service (RaaS) operation that surfaced in July 2023 and has since targeted organizations in both the public and private sectors," according to MedicalBuyer.co.in. As soon as McLaren discovered the attack, they put their hospitals and outpatient clinics on downtime procedures, according to officials. They add that, "Currently, our facilities are largely operational and able to care for our communities and will continue to do so until operations are fully restored."

McLaren is one of the largest healthcare systems in Michigan and operates a network of 13 hospitals across the state. It employs more than 640 physicians and a total of around 28,000 employees. McLaren goes outside of Michigan, too, and works with 113,000 network providers throughout Michigan, Indiana, and Ohio. Its annual revenues are more than $6.5 billion.

"While McLaren Health Care continues to investigate a disruption to our information technology system, we want to ensure our teams are as prepared as possible to care for patients when they arrive," the health system announced on their website. They add, "Patients with scheduled appointments should plan to attend those appointments unless they are contacted by a member of our care team."

So far, McLaren doesn't know if patients' information was compromised, but they promise to release any new information as soon as it's available. Back in November 2023, McLaren announced that around 2.2 million of its patients were impacted by a data breach that let out their personal and health information between July and August 2023. So, this isn't the first time this sort of thing has happened. At the time, data that was compromised included everything from full names to Social Security numbers to treatment information to health insurance. The ALPHV/BlackCat ransomware took credit for that attack.

I realize that the world of cybersecurity is always changing, so I understand that things like this happen. But, I hope incidents such as this one can become rare as cybersecurity technology improves. If you have questions about this particular attack, you should contact your local McLaren office.