McLaren Health Care Caught in Data Breach

McLaren has begun mailing notice letters to the impacted individuals.

By HFT Staff


On or about August 22, 2023, McLaren Health Care became aware of suspicious activity related to certain computer systems. McLaren immediately launched an investigation with the assistance of third-party forensic specialists to secure their network and to determine the nature and scope of the activity. Through the investigation, it was determined that there was unauthorized access to McLaren’s network between July 28, 2023, and August 23, 2023. On August 31, 2023, they learned the unauthorized actor had the ability to acquire certain information stored on the network during the period of access. As part of their ongoing investigation, McLaren undertook a thorough review of the potentially impacted files to determine whether any sensitive information was present. It was through this process, which concluded on October 10, 2023, that they determined that information pertaining to certain individuals may have been included in the potentially impacted files. 

McLaren is mailing notice letters to impacted individuals for whom they have valid mailing addresses. This letter will include resources that individuals can reference to further protect their information.  

The information impacted varied by individual and not all information was available for every individual. The information that may have been impacted includes some combination of certain individuals’ names and the following: Social Security number, health insurance information, date of birth, and medical information including billing or claims information, diagnosis, physician information, medical record number, Medicare/Medicaid information, prescription/medication information, diagnostic results and treatment information. 

Upon learning of this event, McLaren immediately took steps to secure their network and maintain operations in a safe and secure fashion. McLaren are working to review their existing policies and procedures and to implement additional administrative and technical safeguards to further secure the information on their systems. Notice was also provided to federal law enforcement and to the U.S. Department of Health and Human Services.  



November 16, 2023


Topic Area: Information Technology , Safety , Security


Recent Posts

On the Lookout: The Software Supply Chain as a Healthcare Cyberattack Vector

Staying watchful of third-party software vendors and their activities is critical for healthcare cybersecurity.


Hackensack Meridian Health & Wellness Center at Clifton Opens

The Clifton center expands health care access in Passaic County by reducing barriers such as travel and wait times.


Suffolk Breaks Ground on Expansion of White Plains Hospital

The 10-story, approximately 500,000-square-foot expansion is slated to open in 2028.


EVS Leadership Culture Critical in Preventing Hospital-Acquired Sepsis

Cleaning is an essential yet complex component for the prevention of HAI-induced sepsis.


Man Dies by Suicide in Emergency Department Waiting Room at Kansas Hospital

No staff or patients were harmed, and the man was alone in the waiting area when he shot himself.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.