November 10, 2023 at 10:32AM
McLaren Health Care has experienced a data breach, impacting nearly 2.2 million individuals. The breach occurred between late July and August and exposed sensitive personal information, including names, Social Security numbers, and medical data. McLaren has notified affected individuals and authorities, and is providing identity protection services. While there is no evidence of misuse, caution is recommended. The ransomware group ALPHV/BlackCat has claimed responsibility for the attack and threatens to auction the stolen data.
Key Takeaways from the Meeting Notes:
1. McLaren Health Care experienced a data breach between late July and August, compromising the personal information of nearly 2.2 million people.
2. The breach exposed sensitive data such as full names, Social Security numbers, health insurance information, and medical records.
3. McLaren promptly notified affected individuals, published a statement on its website, and informed U.S. authorities about the breach.
4. Investigations conducted with the help of external cybersecurity experts confirmed that the breach began on July 28, 2023.
5. McLaren is currently offering affected individuals instructions on enrolling in identity protection services for 12 months.
6. While there is no current evidence of misuse, impacted individuals are advised to monitor their financial statements and report any unusual activity.
7. The ALPHV/BlackCat ransomware group claimed responsibility for the cyberattack on McLaren’s network in October.
8. The threat actors have shared samples of stolen data and threatened to auction off the entire data set, impacting around 2.5 million people.