Daily Briefing: Auto industry's recall issue; Trump and Musk charged by UAW; Benson's home attacked; more
HEALTH

McLaren confirms cyberattack across its 13 Michigan hospitals, physician network

Portrait of Kristen Jordan Shamus Kristen Jordan Shamus
Detroit Free Press

For the second time in a year, cybercriminals have attacked McLaren Health Care's technology platforms, the Grand Blanc-based health system said Wednesday afternoon, confirming the cause of a disruption earlier this week to all 13 of its Michigan hospitals, surgery, infusion and imaging centers along with its network of 113,000 medical providers throughout Michigan, Indiana and Ohio.

"McLaren Health Care can now confirm the disruption ... was the result of a criminal cyber attack," said a statement sent to the Free Press. "Our information technology team continues to work with external cyber security experts to analyze the nature of the attack and mitigate the impacts of the threat actors. At this time, we have not determined if any patient or employee data was compromised."

The front of McLaren Macomb hospital on Harrington Road in Mt. Clemens on July 21, 2021.

The disruption began early Monday, and crippled some parts of the system's operations.

For a short time, ambulances were diverted from McLaren Port Huron Hospital, and some appointments had to be canceled because physicians couldn't access radiology reports, lab test results or orders for additional testing and procedures.

"Immediately after becoming aware of the attack, our hospitals and outpatient clinics instituted downtime procedures to ensure care delivery within our facilities," the McLaren statement said. "Several information technology systems continue to operate in downtime procedures while we work to fully restore functionality to our system. We have policies and procedures in place and train for information technology disruptions. We are grateful for the response from our frontline caregivers and staff who have come together to provide care under these circumstances."

No estimate was given for how long the disruption will last, and spokesperson David Jones did not answer questions from the Free Press about whether this incident involved ransomware and whether it was related to last year's cyberattack from the ransomware gang known as BlackCat/AlphV.

"Currently, our facilities are largely operational and able to care for our communities and will continue to do so until operations are fully restored," the updated statement said. "Our emergency departments continue to be operational, most surgeries and procedures continue to be performed, and our physician offices continue to see as many patients as possible. During this time of limited access to our systems, and out of an abundance of caution, some non-emergent appointments, tests, and treatments are being rescheduled.

"In addition, we are also actively working with our vendor partners and insurance providers to ensure our supply chain is not impacted and insurance authorizations are processed for care and treatments."

About 730,000 people are enrolled in McLaren's insurance plans in Michigan and Indiana. It also provides hospice care and pharmacy services, and operates clinical laboratories.

More:McLaren Health Care's Michigan hospitals hit by 'disruption' to computer, phone systems

The health system advised patients to keep their previously scheduled appointments unless the medical provider asks them to reschedule. It also asked patients to bring paper copies of the following to all appointments:

  • A list of current medications or prescription bottles
  • Printed physician orders for imaging studies or treatments
  • Printed results of recent lab tests, if available, via the McLaren or Karmanos patient portal
  • A list of allergies

In late August 2023, McLaren shut down its computer network in response to a ransomware attack that potentially leaked patient data onto the dark web.

A ransomware gang known as BlackCat/AlphV claimed responsibility then, posting online that it stole 6 terabytes of McLaren's data, including the personal information of 2.5 million patients.

Cyberattacks and the data breaches that often accompany them are a growing problem in health care, not only exposing the protected health data of patients but also affecting the ability to provide health care.

More:Cyberattack hits Ascension hospitals' computer networks: 'It's affecting everything'

Last year alone, 725 data breaches were reported to the U.S. Department of Health and Human Services Office for Civil Rights and more than 133 million records containing protected health data were exposed, according to the HIPAA Journal.

A cybersecurity breach in May that struck all 140 Ascension hospitals in the U.S., including in Michigan, forced the Catholic, nonprofit health system to postpone or cancel some appointments, divert ambulances to other hospitals and cut off electronic access to medical records, lab test results, radiology imaging and even impaired the ability for doctors to issue medical orders.

Contact Kristen Shamus: kshamus@freepress.com. Subscribe to the Free Press.

We’re gathering insights on artificial intelligence and would love to hear from you. Take this short survey and help us understand your views.