LANSING – McLaren Health Care confirmed Wednesday that a “criminal cyberattack” caused disruption to its computer and phone systems.
McLaren first confirmed the problem on Monday.
“Our IT team continues to work with external cybersecurity experts to analyze the nature of the attack and mitigate the impact of the threat actors,” McLaren officials said in a statement posted online. “At this time, we have not determined whether patient or employee data was compromised.”
The health organization said its facilities were “largely operational and able to care for our population,” including the emergency department. Most surgeries and procedures were being carried out, although “some non-urgent appointments, examinations and treatments” were being postponed, the statement said.
“In addition, we are also actively working with our supplier partners and insurance providers to ensure that our supply chain is not disrupted and that insurance authorizations for care and treatments are processed,” the statement said.
On Monday afternoon, the Grand Blanc-based health system announced it was experiencing a “disruption” to its information technology platforms and phone systems. It said it was working to determine the extent of the disruption and there was no time frame to restore functionality.
At least some McLaren websites were unavailable on Monday and Tuesday.
As of Wednesday, McLaren officials had not released any information about the cause of the malfunction.
The incident was the second major technology outage at McLaren since last fall, when the health system shut down its computer network because of a ransomware attack.
“Immediately after learning of the attack, our hospitals and outpatient clinics implemented downtime to ensure care was available at our facilities,” McLaren said Wednesday. “Several information technology systems remain in downtime while we work to fully restore functionality to our system. We have implemented policies and procedures and are training to handle information technology disruptions. We are grateful for the response of our nursing and frontline staff who have come together to provide care under these circumstances.”
Patients should expect to keep scheduled appointments unless contacted by the facility, McLaren said.
“Our team will work carefully with each patient whose appointment has been rescheduled,” the statement said. “During this disruption, we ask that patients bring the following information to their appointments:
- A list of current medications or prescription drugs
- Printed doctor’s orders for imaging tests or treatments
- Printed results of current laboratory tests available in the patient portals
- A list of allergies
Wednesday’s statement also included an apology for “any inconvenience caused by the attack by these malicious threat actors.”
According to a statement from the state’s Attorney General Dana Nessel following the cyberattack on McLaren last year, a cybercriminal gang known as BlackCat/AlphV claimed to have stolen confidential personal health information from 2.5 million McLaren patients. The actual number of patients affected and their identities are unknown, the attorney general said.
On Wednesday, Nessel’s office said it had not been directly notified of any new data breaches, nor had McLaren filed a report of the data breach with the U.S. Department of Health and Human Services’ Office for Civil Rights.
“At this time, the ministry’s knowledge is limited to media coverage of this matter,” the statement said.
McLaren has 13 hospitals in Michigan.
Contact Ken Palmer at [email protected]. Follow him on X @KBPalm_lsj.
