By HFT Staff

McLaren Health Care (McLaren) is issuing notice regarding a data security incident that may involve information related to certain patients of McLaren and Karmanos Cancer Institute.  

Around August 5, 2024, McLaren became aware of suspicious activity related to certain McLaren and Karmanos Cancer Institute computer systems, the result of their organizations being the target of a cybersecurity attack by an international ransomware group. They immediately launched their emergency response plan and an investigation with the assistance of third-party forensic specialists to secure their network and to determine the nature and scope of the activity. 

Through the investigation, it was determined that there was unauthorized access to McLaren’s network between July 17, 2024, and August 3, 2024. As part of the investigation, they undertook a thorough review of the potentially impacted files to determine whether any sensitive information was present. It was through this process, which concluded on May 5, 2025, that they determined which patients’ information may have been included in the impacted files. 

The information involved may include a combination of the following: name, Social Security number, health insurance information, date of birth, and medical information including billing or claims information, diagnosis, physician information, medical record number, Medicare/Medicaid information, prescription/medication information, diagnostic and treatment information. 

While there is currently no evidence that the information has been misused, McLaren has begun the process of notifying those patients whose information may have been impacted. Letters will be mailed to those patients that include resources to enroll in complimentary credit monitoring and identity theft protection services.