Michigan residents are grappling with the repercussions of a second cybersecurity attack on a large health system, which has affected over 1 million patients, according to state officials. Michigan’s AG (Attorney General) Dana Nessel revealed the breach at HealthEC, a vendor providing services to Corewell Health's properties in southeast Michigan. This breach exposed patients' personal and medical information.HealthEC plays a critical role in identifying high-risk patients, addressing care gaps, and recognizing barriers to optimal care, as outlined in a released statement. While the specific details of the exposed information remain undisclosed, potential data includes names, addresses, dates of birth, Social Security numbers, medical diagnoses, mental/physical conditions, health insurance details, treatment costs, and billing and claims information.Patients impacted by the breach received notification letters mailed to them on December 22, according to Nessel's office. Expressing concern over the sensitivity of health information, Nessel emphasized the need for robust protection and called on the Michigan legislature to enact measures requiring immediate reporting of data breaches to the Department of the Attorney General.Corewell Health took the proactive step of notifying the AG’s office before it made any announcement – public or internal regarding the attack. This incident follows a data breach last month involving Welltok, a vendor for Corewell Health, which similarly exposed personal and medical information, impacting over 1 million patients.

Photo by Tima Miroshnichenko from Pexels

For individuals affected by the breach, Nessel's office recommends taking preventive measures. According to the instructions, it involves:

• Changing passwords regularly, ensuring it has upper- and lower-case letters, numbers, and symbols.

• Contacting financial institutions and requesting a cybersecurity audit.

• Introducing a fraud alert or similar check on any credit files you may have to thwart identity theft.

In October 2023, McLaren Health Care fell victim to a ransomware attack, marking another unfortunate addition to the growing list of healthcare organizations grappling with cyber threats. The Michigan-based health system detected suspicious activity on its computer network, prompting an immediate investigation to assess the extent of the breach and potential exposure of private health information.Confirming the cyber incident, McLaren released a statement acknowledging the occurrence of a ransomware event. Despite the attack, the health system emphasized that its operational systems remained functional, ensuring the uninterrupted delivery of exceptional care for which McLaren is known.As part of their response strategy, McLaren collaborated with law enforcement officials and engaged cybersecurity experts to thoroughly investigate the incident. The ransomware group behind the attack, identified as BlackCat, claimed to have stolen private information from approximately 2.5 million McLaren patients.BlackCat, also known as ALPHV, gained notoriety for running one of the most sophisticated ransomware operations in the health sector, as highlighted in a December 2022 analyst note from the Health Sector Cybersecurity Coordinating CenterThis incident adds to the growing list of cyberattacks and data breaches targeting health systems across the United States. In Oklahoma, Integris Health faced unauthorized access to patient data, with the perpetrators threatening to expose the information on the dark web unless payment was received.Capital Health in New Jersey experienced network outages attributed to a potential cybersecurity incident, while Ardent Health Services, operating hospitals in New Jersey, confronted a ransomware attack on Thanksgiving Day, leading to diversions of ambulances and canceled non-elective procedures.

Sources:

Health system reports 2nd data breach, more than 1M patients affected

Ardent Health Services Cybersecurity IncidentCorewell Health Data Breach Exposes Info of One Million Michigan PatientsSecond Corewell Health Data Breach Exposes Info of One Million Michigan PatientsMichigan hospital system says it’s suffered ransomware attack