McLaren Health Care, a healthcare organization operating predominantly in the Midwestern United States, experienced a criminal cyberattack. The organization announced the incident on August 7, 2024, and as of then, it has been unable to confirm if patient or employee information was compromised. 

Erich Kron, security awareness advocate at cybersecurity company KnowBe4, commented, “Healthcare organizations continue to get pummeled by bad actors partly because of the value of PHI records and the time sensitive nature of medical work. PHI contains enough information to steal identities, or be used to extort patients. Much of the information provided to medical practitioners could be very embarrassing to patients, and bad actors are aware of this and willing to exploit it.”

After becoming aware of the attack, the organization enacted downtime procedures and began the process of restoring functionality. Many systems are largely operational; however, some non-urgent appointments, treatments and tests were rescheduled. For patients whose appointments have not been rescheduled, the organization is asking them to bring information such as current medications, printouts of physician orders or lab tests, or a list of allergies. 

Kron states, “For organizations that collect sensitive information or PHI, it’s absolutely critical that the data is protected by data loss prevention controls, good backups, and that employees are trained to spot and report phishing emails, the number one source of initial network intrusions.”