Email

AG Nessel Alerts Consumers of Ways to Protect Their Data After McLaren Cyber Attack

Michigan Department of Attorney General
From Michigan Department of Attorney General <[email protected]>
Subject AG Nessel Alerts Consumers of Ways to Protect Their Data After McLaren Cyber Attack
Date August 9, 2024 8:24 PM
  Links have been removed from this email. Learn more in the FAQ.
  Links have been removed from this email. Learn more in the FAQ.
Nessel Email Header




*FOR IMMEDIATE RELEASE:*

August 9, 2024




*Media Contact:
*Danny Wimmer <[email protected]>






*AG Nessel Alerts Consumers of Ways to Protect Their Data After McLaren Cyber Attack*





*LANSING* ? Michigan Attorney General Dana Nessel is reminding residents about consumer protection tips in the wake of McLaren Health Care?s most recent IT disruption.?

?These events serve as a clear warning that our most private information is under constant threat from cybercriminals,? said Nessel. ?I encourage everyone to be diligent in safeguarding their accounts and to be on the lookout for any indications of personal data exploitation. Unfortunately, at this time information is scarce as to what information may have been exposed. While more than 30 other states have laws requiring State notification of significant breaches, Michigan is not among them, and consumer protection agencies like ours often only learn of these attacks by media reporting.??

Nessel wants consumers to understand the importance of protecting their medical information after a data breach and to recognize the warning signs that may indicate someone is using their information. Affected individuals should watch out for:


* A bill from your doctor for services you didn?t receive.
* Errors in your Explanation of Benefits (EOB), like services you never received or medications you don?t take.
* Calls from debt collectors about medical bills you don?t owe.
* Medical debt collection notices on your credit report that you don?t recognize.
* A notice from your health insurance company saying you?ve reached your benefit limit.
* Denied insurance coverage due to a pre-existing condition you don?t have.

A statement [ [link removed] ] on McLaren?s website indicates the disruption, which was reported on Tuesday, August 6, was the result of a ?criminal cyber attack.? McLaren?s statement goes on to indicate its facilities are ?largely operational,? but admits it has limited access to its systems.?

In October of last year, McLaren was the victim of another attack [ [link removed] ] by a cybercriminal gang known as BlackCat/AlphV, which claimed to have stolen the sensitive personal health information of 2.5 million McLaren patients. Approximately 2,148,749 Michigan residents were sent data breach notice letters advising that certain of their personal information may have been impacted.?

McLaren Health Care is a 13-hospital integrated healthcare system based in Grand Blanc, Michigan. Among its facilities is Michigan?s largest network of cancer centers and providers.?

If you receive a notification letter or hear about a data breach at one of your medical providers, take these steps to secure your medical and financial accounts:


* Change the passwords on any medical portals you use.
* Check your EOBs from insurers carefully.
* Contact your bank and credit card issuers to place an alert on your accounts.

For more information on how to respond to data breaches, read Attorney General Nessel's consumer alert, Data Breaches: What to Do Next. [ [link removed] ]?

If consumers are concerned that their data may have been impacted, they can also consider freezing their credit. A credit freeze prevents creditors?such as banks or lenders?from accessing individuals? credit reports. This will stop identity thieves from taking out new loans or credit cards in consumer?s names because creditors will not approve their loans or credit requests if they cannot first access their credit reports. By law, a credit bureau must allow you to place, temporarily lift, or remove a credit freeze for free.?

When consumers freeze their credit with each bureau, the bureaus will send them a personal identification number. The consumers can then use that PIN to unfreeze their credit if they want to apply for a loan or credit card. Consumers can also use the PIN to freeze their credit again after they have applied for loans or a new credit card.?

Individuals will have to freeze their credit with each bureau: Experian, Equifax, and TransUnion.


* Equifax [ [link removed] ]: +1 (888) 766-0008
* Experian [ [link removed] ]: +1 (888) 397-3742
* TransUnion [ [link removed] ]: +1 (800) 680-7289

Cyber attacks in the healthcare sector have been increasing, as well as the severity of the data breaches. The largest data breach in 2023 compromised over 8 million records. In 2022, eight out of the eleven biggest data breaches happened at hospitals or health systems.??

Ransomware is one of the most common threats against healthcare organizations. The FBI received 870 complaints of ransomware attacks last year?210 of them from healthcare entities, more than any other sector.?

The healthcare industry is highly targeted by cyber attacks because of the large amount of Personal Health Information?stored on its systems. These data breaches are costly, with the average breach costing over $11 million to fix.?

The McLaren attack comes only months after a ransomware attack [ [link removed] ] on the St. Louis-based Catholic healthcare system Ascension, which operates 15 hospitals in Michigan, and only weeks after Michigan Medicine announced that up to 56,953 patients may have had some health information compromised when employee emails were hacked between May 23 and May 29, 2024. ?

McLaren has not provided a date for when its systems will be fully functional again.?

?

###?

?






AG logo [ [link removed] ]





*Media Inquiries* <[email protected]>




*Latest Releases* [ [link removed] ]




*File a Complaint* [ [link removed] ]







________________________________________________________________________

Michigan Department of the Attorney General [ [link removed] ] ? Questions?
? Contact Us [ [link removed] ]

STAY CONNECTED: Visit us on Twitter [ [link removed] ] Instagram logo [ [link removed] ] Visit us on Facebook [ [link removed] ] YouTube [ [link removed] ] Sign up for email updates [ [link removed] ] ? ? ?

Bookmark and Share [ [link removed] ]

SUBSCRIBER SERVICES:
Manage Preferences [ [link removed] ]??|?Help [ [link removed] ]

________________________________________________________________________

This email was sent to [email protected] using GovDelivery Communications Cloud on behalf of: Michigan Attorney General ? G. Mennen Williams Building, 7th Floor?? 525 W. Ottawa St., P.O. Box 30212 ? Lansing, MI 48909?? 517-373-1100
Screenshot of the email generated on import

Message Analysis

The Archive of Political Emails is a project of Defending Democracy Together Institute. Please email [email protected] with any questions.