- As GOP Cries Fraud, Newsom Backs Medicaid Spending on Housing and Food
- Journalists Discuss Raw-Milk Marketing, Extreme Heat, Opioid Settlement Spending
- 15 states sue US Education Department over mental health cuts
- 23 new behavioral health study findings to know
- Illinois grows certified recovery support workforce 335% since 2022
- New Mexico awards $24.5M for behavioral health expansion
- HCA Houston Healthcare hospital names chief medical officer
- Indiana hospital credits expanded services to employee health insurance switch
- 38 behavioral health executive moves to know
- ChristianaCare’s Graham Cancer Center joins Association of American Cancer Institutes
- ‘The fight is worth it’: How rural hospitals can recover from the brink of closure
- The term ‘payvider’ isn’t very useful
- Hospital ACOs raised Medicare spending 0.8% under ACO REACH: 8 notes
- Payers are pushing the top anesthesiologists out of the insurance model
- Virginia’s largest dental group adds Overjet AI platform
- Healthcare ransomware attacks up 14%: 5 things to know
- UHS Texas behavioral hospital names CEO
- Pharmacy leaders are done waiting
- Mentorship vs. sponsorship: What actually gets women into health system C-suites?
- My Community Dental Centers appoints chief people officer
- Former Illinois dental employee pleads guilty to stealing more than $500K from practice
- CMS’ 2027 rules: Why some specialties are ‘on the outside looking in’
- U of Maryland appoints interim dental school dean
- CMS’ ASC rule: Gains for some, cuts for others
- What leaders need to know about rising mental health leave
- Colorado university closes dental clinic abruptly
- Principal to acquire Beam Benefits, dental provider serving 25,000 businesses
- CMS’ next payment move puts spine ASCs in focus
- The functions ASC leaders won’t hand off
- Washington’s noncompete ban: What healthcare employers need to know
- Doctors want wearable data but healthcare isn't ready for it, AMA survey finds
- Chattanooga Heart Institute to pay $3.75M to settle data breach lawsuit
- Watson Clinic opens multispecialty ASC
- The era of free anesthesia coverage is over
- ASA, Team Health ink deal
- MaineHealth launches psychiatric nurse practitioner, physician associate fellowship
- California completes statewide behavioral health shift: 3 things to know
- 3 DSOs making headlines
- SALT Dental Partners adds 14-office North Carolina practice
- Feds push back HIPAA security rule overhaul to July 2027
- Katie Couric's Memory Loss Scare Puts Rare Brain Condition In Spotlight
- Mild COVID Can Lead To Long-Term Hidden Eye Problems
- Star Padcev-Keytruda combo expands bladder cancer reach with FDA approval, pressuring AstraZeneca
- ACO REACH participants generated nearly $1B in 2024 savings: CMS
- Young people living with PKU take the mic in BioMarin podcast series, TikTok push
- Apollo inks €3B equity deal for stake in Bayer's contraceptives business
- Op-ed: Tackling affordability is a shared responsibility. Here's what hospitals are doing
- Pearl Health banks $110M in fresh funding to build out tech and AI for Medicare providers
- FDA rejects Hengrui, Elevar’s PD-1 liver cancer combo for a 3rd time
- LGBTQ+ People Less Likely To Be Screened For Some Common Cancers
- Smartphone App Uses Voice To Predict Asthma, COPD Flare-Ups
- Seniors Know How Sharp They Are At Any Given Time, Study Finds
- Patients Face A Thicket of Red Tape Trying To Maintain Consistent Health Coverage
- AI Can Detect Previously Invisible MS Scars In The Brain
- They Harvest the Nation’s Food, but a New Rule May Strip Them of Health Insurance
- A New Option for Long-Term Care Costs
- Sanofi snags FDA thumbs up for Sarclisa as 1st cancer drug delivered by on-body injector
- Fierce Pharma Asia—More AZ China deals; Kailera, Hengrui’s oral GLP-1 data; Scrutiny of Chinese trials
- J&J’s Tremfya retakes ad spending throne in June as Haleon tops pharma’s World Cup airings
- Aspen Dental targets fast-growing Georgia city for new practice
- Sobi earns top spot in bleeding disorder patient groups' pharma reputation rankings
- What will make or break the future of DSO success
- South Carolina cites behavioral health facility over missing correction plan
- Former Mayo Clinic research director sues system over alleged retaliation for raising AI practice concerns
- Senators urge Defense Department to expand autism therapy coverage under Tricare
- A $10B deal, China trial scrutiny and highlights from ADA 2026
- Memorial Hermann Health Plan winds down commercial coverage
- Remarks at the Society for Corporate Governance Conference
- CVS' Omnicare unit agrees to $440M settlement with DOJ in ongoing fraud case
- GLP-1 Use Hits Record High As Medicare Opens Access To Weight-Loss Drugs
- Founder of telehealth startup Done sentenced to six years in prison for Adderall fraud scheme
- HHS calls on hospitals to sign 'Make Hospital Food Healthier Pledge'
- Foundation Fights Medical Errors That Claim 200,000 U.S. Lives A Year
- Former exec alleges Alignment Healthcare leaders juiced profits to boost bonuses
- Weekly Rundown: Surgical Safety Technologies rebrands to Aimbient; UC San Diego launches applied health intelligence institute
- In compensation push, HHS gears up to draft COVID vaccine injury table
- AZ, Ionis shares tumble on ATTR-CM trial flop, but analyst flags over-reaction
- Frazier Healthcare Partners to acquire MatrixCare in $490M deal
- New, Highly Accurate Brush Test Can Detect Mouth Cancer Within An Hour
- Innovative Hip Replacement Cuts Post-Surgery Risk Of Dislocation By 70%
- Global Study Finds Kids Worldwide Skipping Fruits And Vegetables
- Ipsen’s Botox rival Dysport charts new horizons with dual phase 3 wins in migraine
- Affordable Care Act Insurers Want More Premium Increases As Enrollment Sags
- My Search for a Psychiatric Bed in an Overburdened Health System
- Dr. Reddy's presses pause on generic semaglutide supply after flagging API issue
- OpenEvidence launches medical AI copilot feature that grades medical evidence and unveils NewYork-Presbyterian collaboration
- Novo Nordisk asks public to ‘Meet Me in the Middle’ in new obesity experience installation
- BioNTech plots right-sized HER2 ADC launch to ‘build the muscle’ for BMS-partnered bispecific
- Health tech startup Forus inks partnership with GI medical society to improve medication access
- UnitedHealthcare unveils Lifestyle Spending Accounts for employer plans
- FDA hits Lundbeck with untitled letter over efficacy claims on migraine drug Vyepti
- Sanofi floats flu shot marketing pledges to pacify EU antitrust probe
- Tampa General Hospital sues Eli Lilly over pulled 340B discounts
- Viz.ai expands neurodegenerative disease care in new partnership with Cortechs.ai
- E. Coli Outbreak Prompts Recall Of Frozen Blueberries At Publix
- Drinking Coffee May Lower Your Risk of Liver Disease
- FDA halts release of new drug rejection letters while working to formalize policy
- Mass General Brigham nurses, home care clinicians launch largest healthcare strike in state history
- ACA plans set for another year of premium spikes, preliminary filings show
- AI wearables company Vilo launches Signal OS ahead of upcoming smart ring launch
- CureDuchenne lights the candles with DMD public service campaign highlighting birthdays
- Zimmer Biomet to Hire 500 in India as New Bengaluru Technology Centre Drives AI and MedTech Innovation
- Foreign drugmaker caught faking doctors’ petition to evade China’s price cut scheme
- AdaptHealth Investigates Data Breach After Social Engineering Attack, Possible Link to ShinyHunters Emerges
- Keenova gets on the good foot with Xiaflex trial win in rare tissue growth condition
- Evonik plugs $100M into Indiana drug substance plant as US CDMO demand mounts
- Rumination Plays Key Role In Caregiver Stress, Study Says
- U.S. Teens Underestimate Risks Of Fentanyl Use, Survey Finds
- Men More Likely To Be Diagnosed With Advanced Cancer
- Primary care’s AI moment
- Copay Assistance Is Meant To Defray Patient Drug Costs. Some Insurers Keep It Instead.
- Training Program Could Ward Off Injuries Among Soccer Girls
- Affordable Care Act Insurers Want More Premium Increases as Enrollment Sags
- Patients Face a Thicket of Red Tape Trying To Maintain Consistent Health Coverage
- Allergan Aesthetics helps map paths for young women in STEM with Girls Inc. event
- Thousands of Medicare Beneficiaries Thought Their Drug Plan Was Free. Then They Lost It.
- Michigan, Other States See Unusual Spike In Parasite That Causes 'Explosive' Diarrhea
- Statement on the 2026 Regulatory Agenda
- GLP-1 'Secret Shopper' Study Finds Gaps in Online Prescribing
- Applying Agentic AI to Healthcare Delivery: The Key to True Transformation
- From Compliance to Clinical Action: Fixing the Broken Loop in Post-Market Surveillance
- Fatty Liver Boosts Odds Of More Deadly Colon Cancer, Study Says
- Weight Loss Surgery Increases Risk Of Alcoholism, Study Says
- IV Vitamin C Might Boost Recuperation Among Trauma Patients
- These Church Members Disagree On Politics. Together They're Wiping Out Medical Debt.
- Exercise Can Ward Off Nicotine Fits, Help Smokers Quit
- Thousands of Medicare Beneficiaries Thought Their Drug Plan Was Free. Then They Lost It.
- Copay Assistance Is Meant To Defray Patient Drug Costs. Some Insurers Keep It Instead.
- New California Law Replaces 'Sell By' Labels On Food Packaging
- Study Raises New Questions About Artificial Sweeteners
- Calling Low-Risk Prostate Cancer Something Else Might Save More Lives, Researchers Argue
- Taking Small Breaks From Sitting Around Can Lower Your Cancer Risk
- Learning Languages Could Net You A Younger Brain, Study Says
- New Disease Threats Follow Trump Administration's Health Program Cuts
- In California Governor’s Race, Voters Face Stark Choice on Immigrant Healthcare
- Epic plans to expand 4 executives' roles as President Sumit Rana exits the company
- FDA Lets 20 ZYN Nicotine Pouches Claim Lower Risk Than Cigarettes; Critics Warn Of Danger
- Ultra-Processed Foods Linked To Brain Differences In Young Children
- Prompt Responses From Mom Might Lower A Baby's Risk Of Childhood Mental Health Problems
- Rehab Program Helps Lift Long COVID 'Brain Fog'
- Why Are You Right- Or Left-Handed? Experiments Suggest Surprisingly Simple Explanation
- Rural Americans More Likely To View Cancer As A Death Sentence, Poll Finds
- Regulatory tracker: NICE urges against future Lumakras reimbursement in UK
- Remarks at the Economic Club of New York
- Is Your Organization Ready to Govern AI in Regulatory Affairs?
- CMS Proposes TAVR Medicare Coverage is Potential Boost for Edwards Lifesciences
- Remarks to the US-CEE Connection: Transatlantic Challenges in Law, Business & Policy
- Statement Regarding Minimum Pricing Increments and Access Fee Caps
- Statement at the SEC Open Meeting on the Trade-Through Rule and Locked and Crossed Markets Provisions of Regulation NMS
- Disorder Protection Rule: Statement on the Proposed Amendments to Rule 611 and Other Provisions of Regulation NMS
Michigan healthcare freedom community forum
All 13 McLaren hospitals and their ancillary facilities, including the Karmanos Cancer Institute facilities, are experiencing a common cyberattack. The McLaren IT systems are down and all of them are reduced to legacy paper systems:
McLaren confirms cyberattack across its 13 Michigan hospitals, physician network
By Kristen Jordan Shamus - August 6, 2024For the second time in a year, cybercriminals have attacked McLaren Health Care's technology platforms, the Grand Blanc-based health system said Wednesday afternoon, confirming the cause of a disruption earlier this week to all 13 of its Michigan hospitals, surgery, infusion and imaging centers along with its network of 113,000 medical providers throughout Michigan, Indiana and Ohio.
"McLaren Health Care can now confirm the disruption ... was the result of a criminal cyber attack," said a statement sent to the Free Press. "Our information technology team continues to work with external cyber security experts to analyze the nature of the attack and mitigate the impacts of the threat actors. At this time, we have not determined if any patient or employee data was compromised."
The disruption began early Monday, and crippled some parts of the system's operations.
For a short time, ambulances were diverted from McLaren Port Huron Hospital, and some appointments had to be canceled because physicians couldn't access radiology reports, lab test results or orders for additional testing and procedures.
"Immediately after becoming aware of the attack, our hospitals and outpatient clinics instituted downtime procedures to ensure care delivery within our facilities," the McLaren statement said. "Several information technology systems continue to operate in downtime procedures while we work to fully restore functionality to our system. We have policies and procedures in place and train for information technology disruptions. We are grateful for the response from our frontline caregivers and staff who have come together to provide care under these circumstances."
No estimate was given for how long the disruption will last, and spokesperson David Jones did not answer questions from the Free Press about whether this incident involved ransomware and whether it was related to last year's cyberattack from the ransomware gang known as BlackCat/AlphV.
"Currently, our facilities are largely operational and able to care for our communities and will continue to do so until operations are fully restored," the updated statement said. "Our emergency departments continue to be operational, most surgeries and procedures continue to be performed, and our physician offices continue to see as many patients as possible. During this time of limited access to our systems, and out of an abundance of caution, some non-emergent appointments, tests, and treatments are being rescheduled.
"In addition, we are also actively working with our vendor partners and insurance providers to ensure our supply chain is not impacted and insurance authorizations are processed for care and treatments."
About 730,000 people are enrolled in McLaren's insurance plans in Michigan and Indiana. It also provides hospice care and pharmacy services, and operates clinical laboratories.
More:McLaren Health Care's Michigan hospitals hit by 'disruption' to computer, phone systems
The health system advised patients to keep their previously scheduled appointments unless the medical provider asks them to reschedule. It also asked patients to bring paper copies of the following to all appointments:
- A list of current medications or prescription bottles
- Printed physician orders for imaging studies or treatments
- Printed results of recent lab tests, if available, via the McLaren or Karmanos patient portal
- A list of allergies
In late August 2023, McLaren shut down its computer network in response to a ransomware attack that potentially leaked patient data onto the dark web.
A ransomware gang known as BlackCat/AlphV claimed responsibility then, posting online that it stole 6 terabytes of McLaren's data, including the personal information of 2.5 million patients.
Cyberattacks and the data breaches that often accompany them are a growing problem in health care, not only exposing the protected health data of patients but also affecting the ability to provide health care.
More:Cyberattack hits Ascension hospitals' computer networks: 'It's affecting everything'
Last year alone, 725 data breaches were reported to the U.S. Department of Health and Human Services Office for Civil Rights and more than 133 million records containing protected health data were exposed, according to the HIPAA Journal.
A cybersecurity breach in May that struck all 140 Ascension hospitals in the U.S., including in Michigan, forced the Catholic, nonprofit health system to postpone or cancel some appointments, divert ambulances to other hospitals and cut off electronic access to medical records, lab test results, radiology imaging and even impaired the ability for doctors to issue medical orders.
Our feckless Attorney General hasn't been able to find or prosecute any of the cybercriminals who have made a mess of our health care system, but her office does offer advice to victims and potential victims:
AG Nessel Alerts Consumers of Ways to Protect Their Data After McLaren Cyber Attack
By Danny Wimmer - August 09, 2024
LANSING – Michigan Attorney General Dana Nessel is reminding residents about consumer protection tips in the wake of McLaren Health Care’s most recent IT disruption.“These events serve as a clear warning that our most private information is under constant threat from cybercriminals,” said Nessel. “I encourage everyone to be diligent in safeguarding their accounts and to be on the lookout for any indications of personal data exploitation. Unfortunately, at this time information is scarce as to what information may have been exposed. While more than 30 other states have laws requiring State notification of significant breaches, Michigan is not among them, and consumer protection agencies like ours often only learn of these attacks by media reporting.”
Nessel wants consumers to understand the importance of protecting their medical information after a data breach and to recognize the warning signs that may indicate someone is using their information. Affected individuals should watch out for:
- A bill from your doctor for services you didn’t receive.
- Errors in your Explanation of Benefits (EOB), like services you never received or medications you don’t take.
- Calls from debt collectors about medical bills you don’t owe.
- Medical debt collection notices on your credit report that you don’t recognize.
- A notice from your health insurance company saying you’ve reached your benefit limit.
- Denied insurance coverage due to a pre-existing condition you don’t have.
A statement on McLaren’s website indicates the disruption, which was reported on Tuesday, August 6, was the result of a “criminal cyber attack.” McLaren’s statement goes on to indicate its facilities are “largely operational,” but admits it has limited access to its systems.
In October of last year, McLaren was the victim of another attack by a cybercriminal gang known as BlackCat/AlphV, which claimed to have stolen the sensitive personal health information of 2.5 million McLaren patients. Approximately 2,148,749 Michigan residents were sent data breach notice letters advising that certain of their personal information may have been impacted.
McLaren Health Care is a 13-hospital integrated healthcare system based in Grand Blanc, Michigan. Among its facilities is Michigan’s largest network of cancer centers and providers.
If you receive a notification letter or hear about a data breach at one of your medical providers, take these steps to secure your medical and financial accounts:
- Change the passwords on any medical portals you use.
- Check your EOBs from insurers carefully.
- Contact your bank and credit card issuers to place an alert on your accounts.
For more information on how to respond to data breaches, read Attorney General Nessel's consumer alert, Data Breaches: What to Do Next.
If consumers are concerned that their data may have been impacted, they can also consider freezing their credit. A credit freeze prevents creditors—such as banks or lenders—from accessing individuals’ credit reports. This will stop identity thieves from taking out new loans or credit cards in consumer’s names because creditors will not approve their loans or credit requests if they cannot first access their credit reports. By law, a credit bureau must allow you to place, temporarily lift, or remove a credit freeze for free.
When consumers freeze their credit with each bureau, the bureaus will send them a personal identification number. The consumers can then use that PIN to unfreeze their credit if they want to apply for a loan or credit card. Consumers can also use the PIN to freeze their credit again after they have applied for loans or a new credit card.
Individuals will have to freeze their credit with each bureau: Experian, Equifax, and TransUnion.
- Equifax: +1 (888) 766-0008
- Experian: +1 (888) 397-3742
- TransUnion: +1 (800) 680-7289
Cyber attacks in the healthcare sector have been increasing, as well as the severity of the data breaches. The largest data breach in 2023 compromised over 8 million records. In 2022, eight out of the eleven biggest data breaches happened at hospitals or health systems.
Ransomware is one of the most common threats against healthcare organizations. The FBI received 870 complaints of ransomware attacks last year—210 of them from healthcare entities, more than any other sector.
The healthcare industry is highly targeted by cyber attacks because of the large amount of Personal Health Information stored on its systems. These data breaches are costly, with the average breach costing over $11 million to fix.
The McLaren attack comes only months after a ransomware attack on the St. Louis-based Catholic healthcare system Ascension, which operates 15 hospitals in Michigan, and only weeks after Michigan Medicine announced that up to 56,953 patients may have had some health information compromised when employee emails were hacked between May 23 and May 29, 2024.
McLaren has not provided a date for when its systems will be fully functional again.
McLaren Completes Its Internal Investigation
Ten months later, McLaren reveals 740,000 impacted by ransomware attack
A sign for McLaren Medical Laboratory in Flint, Michigan.
By Eli Newman - June 26, 2025* Last summer, hackers accessed sensitive patient information at McLaren Health Care, including medical records and Social Security numbers
* The 12 hospital system concluded an internal review of the cybersecurity breach on May 5 and recently started to inform affected individuals
* The breach was the second in two yearsAfter 10 months, McLaren Health Care has begun to notify more than 740,000 patients that had sensitive personal data and health records exposed during the hospital system’s August 2024 ransomware attack.
The extent of the data extortion scheme, which delayed critical care for chronically ill patients at the Karmanos Cancer Institute and facilities across the state, came to light in recent days as the 12-hospital system based in Grand Blanc posted notice on its website and informed state agencies about the incident.
The cyberattack revealed a range of private files to a group of hackers who use patient data as criminal collateral, including individual medical history, treatment information, Social Security numbers, health insurance and medication records.
Dave Jones, a spokesperson for McLaren, said the hospital system completed its internal investigation with a third-party forensic specialist on May 5 when it determined sensitive patient data had been illegally accessed.
He says the health care system has “followed all regulatory reporting guidelines.”
“Protecting the security and privacy of data in our systems is a top priority,” Jones told Bridge Michigan in an email.
“While there is no evidence of actual or attempted misuse of personal information as a result of the incident, McLaren has begun the process of notifying patients whose data may have been impacted by the event and offering complementary identity protection out of an abundance of caution.”
Federal law requires breaches of protected health information affecting more than 500 people to be reported "without unreasonable delay" and no later than 60 calendar days after discovery.
The US Department of Health and Human Services, which maintains a database of health record breaches required by law, had not posted McLaren’s most recent cybersecurity failure as of June 26.
The agency declined to comment to Bridge Michigan on McLaren.
The Michigan Attorney General’s Office did not respond to Bridge request for comment on the agency’s awareness of the breach or McLaren’s obligation to inform those impacted by the security failure.
It’s the second such ransomware attack for McLaren since October 2023, when the personal health information of at least 2.5 million patients were exposed by the hacker gang BlackCat/ALPHV.
In previous statements, Attorney General Dana Nessel said state law does not require companies to notify the government of significant data breaches, with her office generally learning about consumer-impacting cyberattacks through media reports.
According to the latest available data, the US Department of Health and Human Services Office of Civil Rights is currently reviewing 28 leaks in the state, including those at Michigan Medicine and Catholic Charities West Michigan.
The investigations cover more than 800,000 individuals.
Hacker threats
McLaren has not specified the actors behind the attack, or its response to the extortion scheme, but cybersecurity watchdogs have linked the ransomware breach to the Inc. Ransom cybergang.
Memos reportedly obtained by employees allege the hacker group wanted “nothing more than money” as part of the scheme.
Claudia Rast, a cybersecurity attorney with the Detroit-based law firm Butzel Long, said patient data from ransomware attacks generally end up on the dark web, where the records become available to anybody who wants to buy.
“It’s like a ‘Star Wars’ bar,” Rast told Bridge Michigan. “You don’t want to go there.”
The aftermath of a cyberattack is a “fairly chaotic situation,” Rast explained, with groups like McLaren working first to identify the vulnerabilities that lead to a breach before identifying what exactly was accessed during the hack.
Figuring out which data was taken by groups like Inc. Ransom and BlackCat/ALPHV requires extensive internal audits and data mining processes that often span weeks.
“The threat actors don't label with an Excel spreadsheet… what they took,” she said.
While companies generally employ legal counsel to ensure their compliance with state law and federal statutes like the Health Insurance Portability and Accountability Act and the Health Information Technology for Economic and Clinical Health Act, Rast says their biggest expense is usually the mailing campaigns that follow to inform impacted individuals.
“More often these days, companies have good backups, so they can restore their systems over time,” Rast said. “It's notification and the forensic work that seems to be the greater cost.”
What can patients do?
As part of its consumer alert, McLaren is urging patients to monitor and review their financial statements and insurance claims, offering free credit monitoring and services through the identity theft protection company IDX.
Credit freezes can also help stop identity theft, and companies like Equifax and TransUnion offer a one-year, free fraud alert to monitor for suspicious activity.
But consumer advocates, like Suzanne Bernstein with the privacy protection advocacy group the Electronic Privacy Information Center, worry that breaches like those experienced by McLaren risk “chilling access to health care” as hacking attacks become more frequent.
“We’re often seeing reporting of the breach of really sensitive health information from hospital systems,” said Bernstein. “There's just an increased amount of data collection, which only increases the risk that data has to unauthorized use or breach.”
Bernstein said she worries about a “broader societal harm” as more health information is digitized, advocating for “data minimization” — which requires entities to limit collection based on need.
She highlighted litigation targeting hospital systems’ use of cookies and third-party ad trackers as examples of efforts to challenge data sharing outside of the patient-provider relationship, and advocates for more robust state and federal law that protects health information.
“I think having sectoral but also comprehensive privacy, cybersecurity requirements on the federal level would be great,” Bernstein said. “I sympathize with the reaction of feeling a little helpless as one person compared to a much larger, broader system.”
Get MHF Insights
News and tips for your healthcare freedom.
We never spam you. One-step unsubscribe.
























