Hospitals Health Tech,

4 Things to Know About the McLaren Cyberattack & Its Aftermath

Last week, McLaren Health Care fell victim to its second major cyberattack in less than a year. The Michigan-based health system has been working to restore its IT and phone systems over the past week, but some of these systems still remain down.

Cyberattacks continue to occur frequently among healthcare providers, resulting in staggering financial losses and major patient care disruptions.

The latest healthcare cybersecurity incident to make headlines happened last Monday when McLaren Health Care fell victim to an attack waged by cybercriminal group INC Ransom. The Michigan-based health system, which operates 13 hospitals, has been working to restore its IT and phone systems over the past week, but some of these systems still remain down.

Disruptions
presented by

After learning about the outage, McLaren rescheduled some elective procedures and instructed patients to bring printed versions of their health records and lab results. 

Patients are still being asked to bring their printed records, but most surgeries are currently moving forward. The health system said its primary and specialty care clinics are now “largely operational.”

The attack also resulted in delayed radiation treatment for some cancer patients. McLaren said its cancer centers returned to being fully operational on Monday.

McLaren’s emergency departments continue to be operational, but the health system said a few locations are still on ambulance diversion for certain conditions. 

Exposed data

On Friday, Michigan Attorney General Dana Nessel urged McLaren patients to take steps to protect their data. It’s not clear what information might have been exposed to the hackers, so she urged patients to look out for any signs of personal data exploitation. 

“While more than 30 other states have laws requiring state notification of significant breaches, Michigan is not among them, and consumer protection agencies like ours often only learn of these attacks by media reporting,” Nessel’s statement said.

Employees using PTO

This week, local news reports emerged in which McLaren employees said they were told they have to use their paid time off in order to be compensated for the missed days caused by the cyberattack.

McLaren said that its staff members who cannot work because of the outage also have the option to file for unemployment instead of exhausting their paid time off.

Déjà vu

This is the second major cyberattack McLaren has experienced in less than a year. 

Last September, the health system fell victim to an attack from the BlackCat ransomware gang that exposed 2.2 million patients’ data. BlackCat claims to have stolen 6 terabytes of data from McLaren.

Photo: Traitov, Getty Images