In August of this year, McLaren Health Care suffered a cyber attack that resulted in the compromise of 2.2 million individual data records.
The attackers claimed to have accessed approximately 6 terabytes of sensitive patient information, which is a significant breach of privacy and a serious concern for all those affected.
McLaren Data Breach
McLaren Health Care Corporation, a comprehensive healthcare delivery system located in Grand Blanc, Michigan, is committed to offering patients exceptional medical care that is based on the latest research and provided at an affordable price.
With a total worth of $6.6 billion, McLaren Health Care Corporation provides a range of fully integrated healthcare services to its patients, including primary care, specialty care, and hospital care, all of which are designed to meet the unique needs of each patient.
McLaren, one of the leading healthcare providers in Michigan, comprises a vast network of 490 highly skilled primary and specialty care physicians, advanced imaging centers, state-of-the-art ambulatory surgical clinics, and 14 top-tier hospitals. With a focus on providing exceptional healthcare services, McLaren is dedicated to serving the diverse medical needs of its patients across Michigan.
Over the course of the past month, the healthcare system based in Michigan has faced a significant surge in the number of federal cases brought against it, with the figure more than doubling from its previous count.
StorageGuard scans, detects, and fixes security misconfigurations and vulnerabilities across hundreds of storage and backup devices.
The information that was stolen consists of various personal details such as the name of the individual, their Social Security number, health insurance information, and date of birth, and also includes medical information such as billing or claims information, diagnosis, physician information, medical record number, Medicare/Medicaid information, prescription/medication information, diagnostic results, and treatment information.
Among the countless data breaches that have occurred in the US, this particular one has earned a place among the top 10 in terms of size. Interestingly, this breach did not involve the exploitation of a zero-day vulnerability.
In September’s closing days, the Alphv/BlackCat group managed to exfiltrate 6 terabytes of confidential information, which they subsequently used to advertise their illicit website operating in the dark corners of the internet.
BlackCat operates on ransomware as a service (RaaS) model, which involves the creators of the malware distributing it to affiliates for use. The affiliates then share a percentage of the ransom payment with the creators.
The malicious software employs login information that has been unlawfully obtained by initial access brokers to gain first-time entry. In order to coerce their targets into complying with their ransom requests, the criminal group operates a website where sensitive information is publicly disclosed.
Upon uncovering the illegal activity, McLaren swiftly initiated an investigation in collaboration with trusted third-party forensic specialists. The focus of the investigation was to secure the network and gain a comprehensive understanding of the nature and extent of the activity.
McLaren has been targeted in multiple attacks, with a total of seven cases being registered against the company. This latest attack is not the first instance of such malicious activity towards McLaren.
According to the lawsuit filed in October, McLaren did not have basic security measures in place that are commonly used in the healthcare industry. These measures include storing data in secure, offline locations, encrypting private records and data, using up-to-date software with standard security patches, utilizing antivirus applications to block malicious code from external sources, and enforcing HTTPS protocols for all workers with system access who use online tools.
Patch Manager Plus, the one-stop solution for automated updates of over 850 third-party applications: Try Free Trial.