Helpful Articles

Console & Associates, P.C.: Possible McLaren Health Care Data Breach, Ransomware Attack Impacts Up to 2.5 Million Patients

On October 3, 2023, the infamous ransomware gang ALPHV/BlackCat (BlackCat) announced it had breached the servers of McLaren Health Care Corporation (“McLaren”). While the ongoing McLaren data breach investigation has yet to confirm many details, BlackCat claimed to have stolen 6 TB of data. This could mean a data breach impacting as many as 2.5 million patients, potentially impacting sensitive information such as Social Security numbers. As the situation develops, McLaren will announce the findings of its investigation and send letters to any of those affected by the alleged data breach.

If McLaren Health Care Corporation holds your data, you may be at risk. Watch your mail for a data breach notification letter, and hold onto it if you receive one. By reading the letter, you can act on the information in our Guide for Victims of Data Breaches and take steps to protect yourself from identity theft and fraud. If you’re interested in how the legal system can help, consider reaching the McLaren data breach lawyers at the law firm of Console & Associates, P.C. Call 866-778-5500 or fill out our online form to find out more.

To learn more about the McLaren Health Care data breach, read our blog post here:

What Caused the McLaren Health Care Cyberattack?

While the most sensational report on the brewing McLaren Health Care data breach comes from BlackCat. It’s far from the only one. At the same time the hackers claimed to have stolen the data, legitimate news sources report that McLaren found sign of suspicious activity in its network. This took place over the course of late August and would have included the company securing its network and beginning an investigation into the suspicious activity.

These reports also state that the early findings of the investigation correspond to a ransomware attack. This lines up with the following claims from the BlackCat ransomware group, that it penetrated McLaren Health Care Corporation’s networks and tole data related to up to 2.5 million patients.

BlackCat makes these and other statements via a data leak website that remains available thanks to hosting via the Dark Web. To make matters worse, the group has claimed that McLaren’s efforts to secure its network have failed. According to these claims, BlackCat continues to maintain a “back door” exploit within McLaren’s systems.

While McLaren has confirmed a ransomware attack took place, it has countered BlackCat’s lofty claims by pointing to a lack of evidence. However, only time will tell what exactly the truth is in this situation. Those watching should wait for reports that the McLaren data breach investigation has reached its conclusion, and watch their mail for a data breach notification. This will inform victims of what data they’ve lost, which could include many types of information that McLaren holds. This includes personal identifiable information, health information, and Social Security numbers, among other data types.

More Information About McLaren Health Care Corporation

McLaren Health Care Corporation is a Grand Blanc, Michigan-based healthcare system that operates 14 hospitals throughout the state. Together with its network of laboratories and other healthcare facilities, McLaren has more than 28,000 employees and an annual revenue of around $6.6 billion.

Corporations like this have a duty to protect consumer data, and they could be liable in the event of a data breach. If our McLaren data breach investigation reveals that negligence contributed to the leak, victims may be able to pursue emotional and financial damages in court. Find out more by calling 866-778-5500 or filling out our online form to schedule a free consultation with the McLaren data breach lawyers at the law firm of Console & Associates, P.C.

About the Author
Richard Console
Posted - 10/05/2023