Michigan-based McLaren Healthcare has confirmed that the sensitive personal and health information of 2.2 million patients was compromised in a cyberattack earlier this year. Later, a ransomware gang took credit for the cyberattack.
in New Data Breach Notification McLaren said in a filing with the Maine attorney general that hackers breached its systems over a three-week period from July 28 to Aug. 23, before the health care company noticed it a week later on Aug. 31. He said that he had done so.
According to McLaren, the hackers accessed a wealth of medical information, including patients’ names, dates of birth, and social security numbers, as well as invoices, billing and diagnostic information, prescription and drug details, and information about diagnostic results and treatments. It is said that he did. Medicare and Medicaid patient information was also collected.
McLaren is a healthcare provider with 13 hospitals in Michigan and approximately 28,000 employees. McLaren, which touts cost-efficiency efforts on its website, made more than $6 billion in revenue in 2022.
News of the incident broke in October when the Alphv ransomware group (also known as BlackCat) claimed responsibility for the cyberattack, claiming that millions of patients’ personal information was stolen. day to day after a cyber attack Michigan Attorney General Dana Nessel warned residents that the breach “could potentially impact a large number of patients.”
TechCrunch has reviewed several screenshots posted by ransomware gangs on dark web leak sites, which show the company’s password manager, internal financial statements, some employee information, and patient-related information such as names, addresses, and phone numbers. Confirmed that it showed access to spreadsheets of personal and health information. , social security number, and diagnostic information.
Alphv/BlackCat claimed in the post that the gang had been in contact with McLaren representatives, but provided no evidence of this.
Contacted via email, McLaren spokesperson David Jones declined to comment beyond the company’s official statement or answer our questions about the incident. A spokesperson declined to say whether the company had received any payment requests or paid the hackers. McLaren’s chief information security officer, George Goble, declined to make him available for an interview.
What McLaren is currently facing is At least 3 class action lawsuits In connection with cyber attacks.
Source: techcrunch.com
