Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Security Privacy

Healthcare Giant McLaren Reveals Data On 2.2 Million Patients Stolen During Ransomware Attack (techcrunch.com) 12

An anonymous reader quotes a report from TechCrunch: Michigan-based McLaren Health Care has confirmed that the sensitive personal and health information of 2.2 million patients was compromised during a cyberattack earlier this year. A ransomware gang later took credit for the cyberattack. In a new data breach notice filed with Maine's attorney general, McLaren said hackers were in its systems for three weeks during July 28 through August 23 before the healthcare company noticed a week later on August 31. McLaren said the hackers accessed patient names, their date of birth and Social Security number, and a wealth of medical information, including billing, claims and diagnosis information, prescription and medication details, and information relating to diagnostic results and treatments. Medicare and Medicaid patient information was also taken.

McLaren is a healthcare provider with 13 hospitals across Michigan and about 28,000 total employees. McLaren, whose website touts its cost efficiency measures, made over $6 billion in revenue in 2022. News of the incident broke in October when the Alphv ransomware gang (also known as BlackCat) claimed responsibility for the cyberattack, claiming it took millions of patients' personal information. Days after the cyberattack was disclosed, Michigan attorney general Dana Nessel warned state residents that the breach "could affect large numbers of patients." TechCrunch has seen several screenshots posted by the ransomware gang on its dark web leak site showing access to the company's password manager, internal financial statements, some employee information, and spreadsheets of patient-related personal and health information, including names, addresses, phone numbers, Social Security numbers, and diagnostic information. Alphv/BlackCat claimed in its post that the gang had been in contact with a McLaren representative, without providing evidence of the claim.

This discussion has been archived. No new comments can be posted.

Healthcare Giant McLaren Reveals Data On 2.2 Million Patients Stolen During Ransomware Attack

Comments Filter:
  • by The Cat ( 19816 ) on Monday November 13, 2023 @07:11PM (#64003601)

    How many IT people have been laid off in the last two years?

    How many job openings in IT?

    How many rounds of six against one interviews do they have to endure on average before they get hired?

    How many people out of those 28000 employees can write a bash script that does something useful without nine Stack Overflow searches?

    • by blahbooboo ( 839709 ) on Monday November 13, 2023 @07:24PM (#64003625)
      Hospital IT departments are typically not adequately funded and are normally staffed with lackluster people (due to low salaries compared to industry) in hospitals.
      • by gweihir ( 88907 )

        Essentially regulatory failure. The ones responsible here (the C-levels deciding the budget) should be personally punished for what happened here. For that there need to be laws or regulations that say you have to protect patient data effectively.

        • No, caused by regulation. Hospitals have absurdly low operating margins, any additional costs like the ObamaCare, EHR and COVID mandates and more recently the immigrant surge and you will need to start cutting significantly, the first places to go will be the support roles from nurses to IT to cleaning staff.

          • by gweihir ( 88907 )

            That is bullshit.The US has about the most expensive medical system on the planet, but definitely not the best one.

            • by guruevi ( 827432 )

              Not really. US pays more on an individual basis but less on a per capita basis for pure healthcare. If you're adding in research costs, about 50-60% of any budgets you quote include healthcare research which the US outstrips spending on for the next 10 countries combined.

  • by Virtucon ( 127420 ) on Monday November 13, 2023 @07:36PM (#64003645)

    PII has been stolen, lives will be impacted and the customer solution will be "here's a year of craptacular credit monitoring."

    In the meantime, the healthcare company will get a hefty fine and will hire some big-name consulting firm to address issues that they already knew about
    years ago.

    It never changes.

    • by AmiMoJo ( 196126 )

      There should be a fund that pays out to victims, and also is invested in improving the whole industry so that e.g. everyone gets free credit monitoring all the time as a matter of course.

      Every company that suffers a breech is obliged to pay in for 25 years. The payments are decided yearly, based on how much it costs to run the programme.

  • At this point in time so much PII has been lost in various leaks that it is ludicrous to talk about "identity theft". If anyone provides valuable goods/services to an entity with no more assurance of identity than can provided by showing knowledge of basic PII, then the person who provided those goods/services should have the burden of proof regarding who owes them what.

    The idea that "identity theft" is the problem of the person whose identity was fraudulently given in a transaction is ridiculous given th

  • FAKE NEWS (Score:2, Funny)

    by Anonymous Coward

    I'm pretty sure far fewer than 2.2 million McLaren supercars have ever been built!

  • McLaren (Score:2, Funny)

    by rossdee ( 243626 )

    Lando Norris is doing well, only a few points behind Fernando Alonso with 2 GP left in the season

  • A little lacking in technical details.

"Pull the trigger and you're garbage." -- Lady Blue

Working...