McLaren Health Care says cyber attack disrupted phone lines and computer systems

Michigan-based healthcare company McLaren Health Care said it experienced a data security incident that impacted phone lines and computer systems and disrupted daily operations.

 

In a notice on its website, McLaren said that it recently experienced a data security incident that affected its phone lines and computer systems.

 

“Immediately after becoming aware of the attack, our hospitals and outpatient clinics instituted downtime procedures to ensure care delivery within our facilities,” McLaren said. “Our information technology team continues to work with external cyber security experts to analyse the nature of the attack and mitigate the impacts of the threat actors.”

 

The healthcare provider added that while most of its facilities are operational, it is operating with downtime procedures to allow the IT team to restore the affected systems. McLaren has also rescheduled some non-emergent appointments, tests and treatments and some of the surgeries and procedures had to be cancelled because of the cyber attack.

 

“Patients with scheduled appointments should plan to attend those appointments unless they are contacted by a member of our care team. In addition, we are also actively working with our vendor partners and insurance providers to ensure our supply chain is not impacted and insurance authorisations are processed for care and treatments,” McLaren added.

 

While the healthcare provider is yet to share details on the nature of the cyber attack, according to a

on X, the infamous INC RANSOM ransomware group has claimed responsibility for the data security incident and has listed McLaren as a victim on its data leak site. The group has also threatened to publish the stolen data if McLaren fails to meet its ransom demands.

 

In July 2023, McLaren suffered another ransomware attack that involved the APLHV/BlackCat ransomware group claiming that it stole the personal information of about 2.5 million individuals from the healthcare company’s network. The stolen data dump reportedly contained up to 6 terabytes worth of patient information.