LANSING, Mich. (WLNS) — A statement from McLaren Health Care officials on Wednesday said it’s possible patient data may have leaked onto the dark web, thanks to a ransomware attack that shut down its computer network in late August and early September.
McLaren says an investigation confirmed its computer network was targeted by a ransomware event. Officials with McLaren also said another investigation is working to verify whether any private data made its way onto the dark web.
If that fear is confirmed, McLaren says it will notify the impacted individuals “as soon as possible.”
“We want to assure our patients and the communities we serve that our systems remain operational, and we continue to provide the exceptional care for which we are known,” said Dave Jones, marketing manager for McLaren Health Care, in a press release.
A ransomware group known as BlackCat/AlphV, which has claimed responsibility for several high-profile hacking incidents, took credit for the McLaren cybersecurity attack.
Healthcare providers are required to comply with several federal regulations that create transparency for the affected when personal data leaks occur, including disclosing what types of information were compromised, how people can protect themselves and how the leak is being investigated.
McLaren’s press release on Wednesday also detailed how it is updating its cybersecurity in response to the ransomware hack:
“Protecting the security and privacy of data in our systems is a top organizational priority, so we immediately launched a comprehensive investigation to understand the source of the disruption and identify what, if any, data exposure occurred.
We simultaneously retained leading global cybersecurity specialists to assist in our investigation, and we have been in touch with law enforcement. We have also taken measures to further strengthen our cybersecurity posture with a focus on further securing our systems and limiting disruption to our patients and the communities we serve.”