LANSING (WWJ) Michigan Attorney General Dana Nessel urges you to be on high alert in the wake of the cyber attack against McLaren Health Care.
She stresses the importance of protecting medical information and to recognize warning signs of nefarious use of the information. This includes:
-A bill from your doctor for services you didn’t receive
-Errors in your Explanation of Benefits (EOB) from your insurance company, including services you never received or medications you weren’t prescribed
-Calls from debt collectors about medical bills you didn’t incur, or medical debt on your credit reports you don’t recognize
-A notice from your insurance company that you’ve reach your limit
-Denied insurance coverage based on a preexisting condition you don’t have
A statement from McLaren said they experienced a “criminal cyber attack” on Wednesday that disrupted their phone and IT systems.
“Currently, our facilities are largely operational and able to care for our communities and will continue to do so until operations are restored,” the statement read.
According to McLaren, their emergency departments are still running and “most” surgeries and procedures can still be performed.
Until the issues are resolved, patients should plan to show up for their scheduled appointments unless contacted by their care team. They’re also asked to bring a current list of medications or prescription bottles; printed physician orders for imaging studies or treatments; printed recent lab results from patient portals; and a list of allergies. LEARN MORE HERE
“These events serve as a clear warning that our most private information is under constant threat from cybercriminals,” Nessel said. “I encourage everyone to be diligent in safeguarding their accounts and to be on the lookout for any indications of personal data exploitation."
In October of 2023, a criminal cyber gang known as BlackCat/AlphV targeted McLaren in a separate attack. The cyber criminals claimed to have stolen the sensitive health information of more than 2.5 million McLaren patients. More than two million Michigan residents received letters that their information may have been impacted in the previous attack.
"Unfortunately, at this time information is scarce as to what information may have been exposed," Nessel said of Wednesday's cyber attack. "While more than 30 other states have laws requiring State notification of significant breaches, Michigan is not among them, and consumer protection agencies like ours often only learn of these attacks by media reporting.”
If you see evidence that your personal health information has been compromised, Nessel recommends taking the following steps:
-Change the passwords on your medical portals
-Check your EOBs from insurance thoroughly
-Contact your bank and credit card companies to place an alert on your accounts
You may also consider freezing your credit report—preventing thieves from taking out new credit cards or loans in your name. By law, a credit bureau must allow you to place or reverse a freeze for free.
In order to have proper security, you would have to freeze your credit reports with all three bureaus:
Equifax: +1 (888) 766-0008
Experian: +1 (888) 397-3742
TransUnion: +1 (800) 680-7289
McLaren is a 13-hospital health system based in Grand Blanc, with Michigan’s largest network of cancer centers.
According to Nessel, ransomware is one of the “most common threats” against our healthcare system—with the average breach costing over $11 million to fix.