One of Michigan's top healthcare systems acknowledged that it is dealing with a ransomware attack after a notorious hacking group boasted about the incident.
A McLaren HealthCare representative stated that the organisation had discovered unusual behaviour on its computer network and started investigation right away.
“Based on our investigation, we have determined that we experienced a ransomware event. We are investigating reports that some of our data may be available on the dark web and will notify individuals whose information was impacted, if any, as soon as possible,” a spokesperson stated.
McLaren runs 13 hospitals in Michigan, as well as infusion centres, cancer centres, primary and specialised care offices and a clinical laboratory network. The company employs over 28,000 people and has a totally owned medical malpractice insurance company.
The company reported issues affecting billing and electronic health record systems earlier this month. According to the Detroit Free Press, McLaren was forced to shut down the computer network at 14 different locations, a situation that became so dire that staff were forced to communicate via personal phones.
McLaren has “retained leading global cybersecurity specialists to assist in our investigation, and we have been in touch with law enforcement. We have also taken measures to further strengthen our cybersecurity posture with a focus on securing our systems and limiting disruption to our patients and the communities we serve,” the spokesperson said.
The spokesperson added that systems "remain operational," but did not answer questions about whether billing and record systems were operational again. They did not specify whether or not a ransom would be paid.
The Black Cat/AlphV ransomware gang claimed responsibility for the attack in a last Friday morning post on their leak site.
The group, who initially did not name the organisation before adding McLaren's name hours later, claimed to have acquired 6 TB of data, which allegedly included millions of people's personal information as well as videos of the hospitals' operations.
The Michigan Department of Emergency Management and Homeland Security, as well as the governor's office, did not reply to queries for comment on whether the corporation was receiving expertise.
BlackCat has made a practise of going after healthcare facilities, triggering outrage earlier this year when it attempted to extort a Pennsylvania hospital network by posting images of breast cancer patients. It claimed responsibility for an attack on NextGen Healthcare, a technology company, in January.
The group grabbed headlines worldwide two weeks ago when it attacked MGM Resorts, damaging six major Las Vegas casinos and paralysing slot machines, ATMs, and other machinery.
The attack on McLaren comes just one month after another major U.S. hospital network was targeted by ransomware hackers.
This week, the epidemic of ransomware attacks on hospitals reached Congress. House members held a hearing on the matter and heard testimony from various people who had battled hackers.
One of Vermont's leading healthcare organisations' president, Stephen Leffler, spoke to Congress on his experience dealing with a 2020 ransomware assault and cautioned that even with their extensive security measures, they were still affected.
“This really is an arms race. As we have all seen in the news over the past few 3 years, the cybercriminals and actors are getting increasingly sophisticated, and so this important work to protect our systems will never be fully finished,” Leffler stated.