© 2024 Michigan State University Board of Trustees
Public Media from Michigan State University
Play Live Radio
Next Up:
0:00
0:00
0:00 0:00
Available On Air Stations

McLaren Health responds to second cyberattack in less than a year

McLaren Greater Lansing hospital building in Lansing
Sophia Saliby
/
WKAR-MSU
McLaren is based in Grand Blanc and is made up of 13 hospitals including one in Lansing.

McLaren Health System is continuing to deal with the impacts of a cyberattack last week.  

Some non-emergency appointments, tests and procedures are being rescheduled. Other operations are still down with no set return date. 

McLaren officials say they have not determined whether any patient data was compromised in last week’s attack. 

The health system saw another cyberattack last October, when more than 2 million patients received notice that some of their personal information may have been impacted. Cybercriminal gang ALPHV-BlackCat claimed responsibility for the ransomware breach.

Cybersecurity experts say there are many ways that hackers can make their way into a system, but accountability lies with the health system to have protections in place. 

"When a system is hacked twice in less than a year. I would say they really need to look much deeper into how their security mechanisms work,” said Borzoo Bonakdarpour, a Michigan State University associate professor with the computer science and engineering department.

In a news release about the cyberattack, Michigan Attorney General Dana Nessel said the state does not have legislation that requires companies to provide notification that a serious breach has occurred. That means consumers, as well as consumer protection agencies, usually only find out about these types of incidents when the media reports about them. 

“These events serve as a clear warning that our most private information is under constant threat from cybercriminals,” Nessel said in the release.

“I encourage everyone to be diligent in safeguarding their accounts and to be on the lookout for any indications of personal data exploitation.” 

Bonakdarpour adds hospitals can be a gold mine of data for hackers which is why they are often targets. 

"There is so much information in health systems, names, phone numbers, addresses, email addresses, credit card numbers, social security numbers,” he said. 

Bonakdarpour says some of that information could be used to create fake letters, emails or phone calls from health providers that appear real but are being used to steal money or other data and that the best way to prevent fraud or identity theft is to change passwords frequently and to be vigilant of fraudulent communications posing as hospitals, insurance companies or financial institutions. 

“I think the best we can do as just individuals in a society is be very vigilant and diligent in terms of protecting our accounts.” 

The Attorney General’s office also says consumers can initiate a free credit freeze to prevent bad actors from fraudulently taking out a loan or credit cards in their name. 

Sophia Saliby is the local producer and host of All Things Considered, airing 4pm-7pm weekdays on 90.5 FM WKAR.
Stay informed with WKAR's comprehensive 2024 Election coverage, available on-air and online. Our team provides accurate and timely information on key issues for mid-Michigan voters. Your support is essential for maintaining strong local journalism. Donate today to make a difference.