McLaren Health Care hospitals reported a disruption to its Information Technology systems last Monday. While McLaren didn’t initially disclose the exact nature of the disruption, a ransom note from the INC Ransomware gang soon started doing the rounds. The note, allegedly, shared by employees of the McLaren Bay Region Hospital, warned that hospital data had been encrypted and would be published on the INC leak site if the ransom was not paid.
Unfortunately, for McLaren, this is the second major cyber attack in a span of a year. Last November, the health care network informed at least 2.2 million people that their data had been breached between July and August, 2023. The BlackCat Ransomware gang claimed responsibility for the attack.
In this article, we present to you a quick summary of everything we know about the attack so far. All the information has been collated based on Media Reporting. Though we have endeavoured to ensure accuracy of each fact, Cyber Management Alliance takes no credit or responsibility for the information herein.
Topics Covered Here:
Details on the exact amount and nature of information compromised in this attack is still not known. External cybersecurity experts are apparently analysing the impact of the latest incident.
While McLaren said in its initial statement that its healthcare providers are ready to care for their patients, here’s what we know about the impact of the Ransomware Attack so far:
In a statement sent to News 10, McLaren Health Care said: “McLaren Health Care can now confirm the disruption to our information technology and phone systems that was reported yesterday was the result of a criminal cyber attack."
In terms of the Impact on Operations, McLaren said, "Our hospitals and outpatient clinics instituted downtime procedures to ensure care delivery within our facilities. Several information technology systems continue to operate in downtime procedures while we work to fully restore functionality to our system."
McLaren said its emergency departments continue to be operational and most surgeries and procedures continue to be performed. It added, however, "During this time of limited access to our systems, and out of an abundance of caution, some non-emergent appointments, tests, and treatments are being rescheduled."
A week after the attack i.e on 13th August, the hospital system said all radiation therapy units at Karmanos Cancer Institute care facilities in Michigan are operational again. These facilities include Gamma Knife Radiosurgery in Farmington Hills McLaren Proton Therapy Center in Flint.
Not only is this attack the second one on McLaren, it’s also another major attack on a healthcare organisation in the last few months. In the recent past, Change Healthcare, Synnovis and NHS have made for chilling news stories.
In the past year, over 725 data breaches were reported to the U.S. Department of Health and Human Services Office for Civil Rights. As per the HIPAA Journal, over 133 million records containing protected health data have been exposed.
A significant cybersecurity breach in May impacted all 140 Ascension hospitals across the U.S. This incident too caused disruptions such as postponed or cancelled appointments, ambulance diversions, and restricted electronic access to medical records. The breach even hindered doctors from issuing medical orders.
Ransomware attacks and cybersecurity disruptions in the healthcare space compromise highly sensitive protected health information (PHI). More worrying is how the health and lives of patients hangs on the line when cyber criminals mess with health data, medical records, imaging and test results.
This attack is yet another startling reminder of how urgently healthcare organisations the world over need to take their cybersecurity infrastructure and best practices to the next level.
There is simply no survival without ransomware mitigation measures. Ransomware response and cyber incident response planning has to be more robust than ever to ensure minimal downtime and disruptions.
Rehearsing for the worst with Cyber Attack Tabletop Exercises is more critical than ever. The staff and key responders need practice for what they’ll do when the organisation or hospital is under attack and all databases become unavailable. It’s imperative to be fully prepared in a vicious threat landscape where attacks of this nature are almost inevitable.