Healthcare providers continue to suffer from frequent cyberattacks, resulting in enormous financial losses and significant disruption to patient care.
The most recent healthcare cybersecurity incident to make headlines occurred last Monday, when McLaren Health Care fell victim to an attack by the cybercriminal group INC Ransom. The Michigan-based health system, which operates 13 hospitals, has been working to restore its IT and phone systems over the past week, but some of those systems are still down.
Disturbances
After learning of the outage, McLaren postponed some scheduled procedures and asked patients to bring printed versions of their health records and lab results.
While patients are still being asked to bring their printed medical records, most surgeries are currently taking place. The health system said its primary and specialty care clinics are now “largely operational.”
The attack also caused radiation treatment for some cancer patients to be delayed. McLaren said its cancer centers were back to full operation on Monday.
McLaren’s emergency departments remain operational, but the health system said some locations still require ambulance diversions due to certain medical conditions.
Disclosed data
On Friday, Michigan Attorney General Dana Nessel urged McLaren patients to take steps to protect their data. It’s not clear what information may have been made available to the hackers, so she urged patients to be alert for signs of misuse of personal information.
“While more than 30 other states have laws requiring state reporting of serious violations, Michigan is not one of them, and consumer protection agencies like ours often only learn of these attacks through media reports,” Nessel’s statement said.
Employees who use paid leave
This week, local news reports emerged in which McLaren employees said they were told they would have to use their paid leave to be compensated for the days missed due to the cyberattack.
McLaren said its employees who are unable to work due to the power outage also have the option of applying for unemployment benefits instead of using their paid leave.
Déjà vu
This is the second major cyberattack McLaren has experienced in less than a year.
Last September, the healthcare system fell victim to an attack by the BlackCat ransomware gang that exposed the data of 2.2 million patients. BlackCat claims to have stolen 6 terabytes of data from McLaren.
Photo: Traitov, Getty Images
