In yet another cyberattack, Michigan healthcare nonprofit McLaren Health Care was hit on July 28. The notice went out to more than 2 million people on Thursday. These people were informed that there was a data breach that had exposed personal information. While the bad actors had access on July 28, the attack persisted into August. Impacts to the breach vary by person.
McLaren had become aware of the cyberattack on August 31. An investigation was opened and had been completed on October 10. Yet it took them over a month to tell anybody anything.
Potentially affected current and former patients of McLaren are encouraged to remain vigilant against incidents of identity theft by reviewing account statements and explanations of benefits for unusual activity and to report any suspicious activity promptly to your insurance company, health care provider, or financial institution.”
McLaren Health Care statement
McLaren has yet to state who it believes is behind the attack or why, the ALPHV/BlackCat ransomware group stepped up and revealed themselves to be the culprit. While ransomeware groups love to showboat, they usually aren’t the masterminds. They normally aren’t revealed until forensic analysis is complete.