The Cybercriminal Threat

The infamous ALPHV (BlackCat) group claims responsibility for the McLaren Health Care breach, with threats to release the personal data of 2.5 million patients on the dark web unless a ransom is paid.


The Rising Tide of Ransomware

2023 has seen a record breach compromising over 8 million records. Among the significant breaches of 2022, the majority targeted hospitals or health systems, highlighting the healthcare sector’s vulnerability.

Contact us today!


Michigan Attorney General’s Warning

Dana Nessel emphasizes the importance of swift action post-breach, urging individuals to be proactive in guarding against potential identity theft and underscoring the responsibility of institutions in safeguarding sensitive data.

News > Cyber-Attacks > Ransomware
by Kevin Wood

McLaren Health Care Faces Significant Ransomware Attack



The healthcare industry is reeling

McLaren Health Care, a prominent healthcare provider, has recently fallen victim to a significant cyber-attack. The Michigan Attorney General, Dana Nessel, confirmed the breach, which threatens to expose the personal health data of countless patients.

With a significant presence in Oakland County, McLaren oversees the operations of a hospital in Pontiac, an emergency care facility in Clarkston, and several other medical establishments.

For those unfamiliar with the term, ransomware is a particularly malicious type of software that can paralyze an entire corporate system. Before locking the system, cybercriminals usually extract valuable data, holding it hostage until their ransom demands are met.

The notorious cyber group known as ALPHV, also referred to as BlackCat, has taken credit for this breach. They claim to have obtained the personal health data of an estimated 2.5 million McLaren patients. This group’s nefarious activities aren’t new; they’ve been associated with cyber-attacks on entities like MGM Resorts. ALPHV has warned that the stolen McLaren data will be made public on the dark web if their ransom isn’t paid promptly.

The exact number of affected patients, as well as the specifics of the compromised data, remain uncertain.

Highlighting the vulnerability of our digital infrastructure, Nessel commented, “It’s a stark reminder of how critical it is for institutions handling sensitive data to have robust security protocols in place. We trust these organizations with our most private information, and they must rise to the occasion.”

McLaren has recognized the cyber-attack during media interactions and is currently delving into claims that some of their compromised data is circulating on the dark web. They intend to alert any affected individuals as and when necessary. At this time, there’s no evidence suggesting ALPHV has continued access to McLaren’s IT infrastructure. The healthcare giant is cooperating with law enforcement agencies and has enlisted the expertise of cybersecurity professionals.

The initial signs of this breach were detected by McLaren in August when they noticed irregularities in their IT operations. This prompted them to isolate their network for thorough inspection, causing temporary disruptions. However, the quality and availability of patient care remained consistent across all their facilities.

Nessel emphasized the urgency of addressing such breaches, stating, “Swift action post-breach is essential to help individuals guard against potential identity theft.”

Although The Oakland Press reached out to McLaren for a statement, they chose not to comment directly.

Headquartered in Grand Blanc, McLaren is a comprehensive 15-hospital system. Among its various services, it boasts Michigan’s premier network of oncology centers and professionals.

It’s essential to be vigilant and recognize any anomalies in your medical records. Warning signs of unauthorized use include unfamiliar medical bills, discrepancies in your benefits statements, unexpected medical debt collection calls, or insurance denials due to unreported pre-existing conditions.

Recent years have seen a surge in cyberattacks targeting the healthcare industry, with the repercussions of these breaches growing more severe. 2023 witnessed a record breach affecting over 8 million records. Out of the most significant breaches in 2022, hospitals or health systems were the primary victims in eight instances.

Ransomware attacks are becoming increasingly prevalent, especially in the healthcare sector. In the previous year alone, the FBI recorded 870 ransomware complaints, with healthcare entities accounting for a staggering 210 of these reports.

Owing to the immense volume of confidential health information they manage, healthcare organizations are prime targets for cyberattacks. The financial repercussions of these breaches are substantial, averaging over $11 million per incident.

If you’ve been notified or suspect a breach at a healthcare provider you’re affiliated with, it’s advised to update passwords for any medical portals, scrutinize insurer statements, and alert your financial institutions.

For a comprehensive guide on handling data breaches, visit the Michigan Attorney General’s official website at

  • Industry Leaders: BBG is at the forefront of disaster recovery solutions, ensuring businesses can bounce back quickly and effectively from any unforeseen event.
  • Ransomware Specialists: We offer cutting-edge ransomware mitigation techniques, ensuring that your data remains protected against evolving cyber threats.
  • Tailored Solutions: Our team of experts assesses each business’s unique needs, delivering bespoke strategies to fortify and recover critical data systems.
  • Get in Touch: Secure your business’s future with BBG. Reach out to our dedicated team at for a comprehensive consultation.