McLaren HealthCare in Michigan Hit by Ransomware

Estimated read time 3 min read

Are you keeping tabs on the escalating number of ransomware attacks on healthcare systems? According to The Record1, McLaren HealthCare, one of Michigan’s largest healthcare systems, is the latest to join the unfortunate list.

The organization has confirmed a ransomware attack, raising concerns about data security and patient care.

What Happened?

McLaren HealthCare2 detected suspicious activities on its computer network and promptly initiated an investigation. A spokesperson for the organization revealed that they had indeed experienced a ransomware event.

They are currently investigating reports that some of their data might be available on the dark web. If any individuals are impacted, they will be notified as soon as possible. You can imagine the amount of pressure there is to have this question answered…

Who is McLaren HealthCare?

Operating 13 hospitals across Michigan, McLaren HealthCare is more than just a network of hospitals. They also run infusion centers, cancer centers, primary and specialty care offices, and even have their own medical malpractice insurance company. The organization employs over 28,000 people, making it a significant entity in the healthcare industry.

The Extent of the Damage

Earlier this month, McLaren reported outages affecting its billing and electronic health record systems. According to the Detroit Free Press, the situation escalated to the point where the organization had to shut down computer networks at 14 different facilities3. This disruption was so severe that employees resorted to using their personal phones for communication.

The health system had to shut down its computer network at 14 of its hospitals to investigate the incident. One employee told the publication that staff had to use personal cellphones to communicate during the shutdown.

Who is Behind the Attack?

The notorious Black Cat/AlphV ransomware gang has taken credit for this cyber assault4. They claim to have stolen 6 terabytes of data, potentially affecting millions and including videos of hospital operations. This gang has targeted healthcare institutions before, causing public outrage for their unscrupulous actions.

Official Responses and Measures

McLaren has retained global cybersecurity experts to assist in their ongoing investigation and has been in touch with law enforcement agencies. Although they have taken measures to strengthen their cybersecurity posture, it is still unclear whether the affected systems are fully functional again5.

Broader Context

This attack comes on the heels of ransomware attacks on other major U.S. healthcare networks. Just last month, hospitals in four states had to cancel appointments and revert to paper records due to similar attacks. The issue has reached Congress, where House members are conducting hearings to address the crisis6.


The ransomware attack on McLaren HealthCare underscores the growing vulnerability of healthcare systems to cyber threats. While the organization is taking steps to mitigate the impact, the incident serves as a stern reminder of the need for robust cybersecurity measures across the healthcare industry.

  1. ↩︎
  2. ↩︎
  3. ↩︎
  4. ↩︎
  5. ↩︎
  6. ↩︎
Reza Rafati

Reza Rafati, based in the Netherlands, is the founder of An industry professional providing insightful commentary on infosec, cybercrime, cyberwar, and threat intelligence, Reza dedicates his work to bolster digital defenses and promote cyber awareness.

You May Also Like

More From Author

+ There are no comments

Add yours