McLaren operations restored after August cyberattack

Photo: Joos Mind/Getty Images

Michigan-based McLaren Health Care's information technology platforms have been restored following a cyberattack that occurred earlier this month, with the restoration completed ahead of schedule, officials said. Administrative functions are now fully functional across the state.

With this return to normal operations, all temporary procedures enacted during the disruption have been lifted, McLaren said. Providers at all McLaren Health Care hospitals, Karmanos cancer centers and outpatient clinics once again have access to patients' electronic medical records.

The process of inputting patients' health records that were manually charted during the disruption into the electronic system began over the weekend and is expected to last several weeks.

Clinical operations were largely maintained as McLaren clinical and IT teams progressed in their network restoration efforts, the health system said, and patients of its facilities are encouraged to seek care as they normally would.

As of this week, all emergency departments are open, accepting patients and receiving all conditions arriving via emergency medical service. Patients can schedule outpatient diagnostic imaging procedures, surgeries are proceeding as planned and any postponed elective surgeries have been or are currently being rescheduled.

All radiation therapy units at Karmanos Cancer Institute facilities remain operational, officials said, and McLaren Stroke Network is fully operational, including McLaren's two Comprehensive Stroke Centers, McLaren Flint and McLaren Macomb. Primary and specialty care offices are operational, and patients can make appointments.

WHAT'S THE IMPACT?

The cyberattack, which caused a disruption on August 6, affected the health system's 13 hospitals, cancer centers, surgery centers and clinics.

It came about one year after McLaren was hit with a ransomware attack that exposed the protected health information of about 2.2 million patients. That attack was claimed by the ALPHV/BlackCat ransomware group.

The health system said it was still making progress toward fully restoring its operations, but that its clinical and information technology teams are working diligently with cybersecurity experts to assess the extent of the current attack. It stressed that its hospitals and clinics remain largely operational.

THE LARGER TREND

Cyberattacks on the healthcare sector nearly doubled between 2022 and 2023. There are currently more than 700 active hacking cases under investigation by the U.S. Department of Health and Human Services' Office of Civil Rights (OCR), which also reports a 278% increase in large breaches involving ransomware from 2018 to 2022.

A KnowBe4 report published this summer showed the global healthcare sector experienced a staggering 1,613 cyberattacks per week in the first three quarters of 2023, nearly four times the global average, and a significant increase from the same period the previous year. 

This surge has contributed to a steep rise in cyberattack costs for healthcare organizations, with the average breach cost nearing $11 million – more than three times the global average – making healthcare the costliest sector for cyberattacks.

Ransomware attacks have dominated, accounting for over 70% of successful cyberattacks on healthcare organizations in the past two years.

Jeff Lagasse is editor of Healthcare Finance News.
Email: jlagasse@himss.org
Healthcare Finance News is a HIMSS Media publication.

The HIMSS Healthcare Cybersecurity Forum is scheduled to take place October 31-November 1 in Washington, D.C. Learn more and register.