McLaren Health Care said its technology platforms have been fully restored following an Aug. 5 ransomware attack that disrupted operations at all 13 of its hospitals, surgery, infusion and imaging centers, along with its network of 113,000 medical providers throughout Michigan, Indiana and Ohio.
"All temporary procedures enacted during the disruption have been lifted," McLaren said in a statement issued Monday. "Providers at all McLaren Health Care hospitals, Karmanos cancer centers, and outpatient clinics again have access to patients’ electronic medical records."
Appointments now can be scheduled and surgeries that were postponed during the ransomware attack are now being rescheduled, the health system said.
"We have been largely operational for some time, and our staff has been reaching out to patients for the past couple of weeks to reschedule appointments impacted by the event," said David Jones, a McLaren spokesperson.
It could be a few more weeks, however, before details about medical care that took place over the last three weeks will be visible in patients' electronic charts. That's because McLaren staff will have to manually input lab and imaging test results, notes from office visits, surgeries, and other care that occurred during the tech disruption. It's a process that began over the weekend "and is expected to last several weeks," McLaren said.
Patients told the Free Press earlier this month that the ransomware attack led to the cancellation of cardiac tests and radiation treatments for cancer during the tech disruption. Some ambulances were diverted from McLaren hospitals and appointments had to be canceled because physicians couldn't access radiology reports, lab test results or orders for additional testing and procedures.
Some hourly employees told the Free Press that McLaren required them to use up all their paid time off during the tech disruption, and when that ran out, they went unpaid.
This was the second ransomware attack at Grand Blanc-based McLaren within a year. A ransomware gang known as BlackCat/AlphV claimed responsibility for another crippling tech disruption that began in August 2023. The group claimed in a post online that it stole 6 terabytes of data, including the personal information of 2.5 million patients.
McLaren reported at the time that it had shut down its own computer networks "out of an abundance of caution" after its information technology security team found suspicious activity during routine monitoring.
It's still unclear whether the latest McLaren ransomware attack led to a breach of protected personal or health data about patients or employees.
"McLaren is continuing its work with cybersecurity experts to determine what, if any, patient or employee information was compromised," the health system said. "If it is determined that any protected health information (PHI) or personal information was compromised, those individuals will be contacted directly."
McLaren isn't alone in dealing with the fallout of cybercriminals in the health care sector.
In May, 140 Ascension hospitals in the U.S. were struck by a cyberattack, cutting off electronic access to medical records, lab test results, radiology imaging and even impaired the ability for doctors to issue medical orders. At Ascension's Michigan hospitals, ambulances were diverted and there were hourslong delays in treating even critically ill patients, employees told the Free Press .
More: McLaren patients say they can't get cancer treatments, heart tests in wake of cyberattack
More: How to protect yourself from health care cybersecurity breaches
Also in May, the personal information of more than 56,000 people — including names, medical record numbers, addresses, dates of birth, diagnostic and treatment information, and health insurance details — was compromised in a cyberattack at Michigan Medicine, the academic medical center of the University of Michigan.
From 2018-22, there was a 93% rise in large cybersecurity breaches reported to the U.S. Department of Health and Human Services Office for Civil Rights and a 278% increase in large breaches involving ransomware, the agency reported .
These breaches can cause disruptions to the care of patients, delay medical procedures and put patient safety at risk.
“Our experience has made clear that cyberattacks against our health care infrastructure are an industrywide problem, and it’s not hyperbole to call health care cybercrime a national security threat," said Phil Incarnati, president and CEO of McLaren, in a statement issued earlier this month.
“I’m committed to working with my fellow providers, elected officials, law enforcement and cyber experts to find ways to hold these criminals accountable and prevent their entry into our systems."
Contact Kristen Shamus: kshamus@freepress.com. Subscribe to the Free Press .
This article originally appeared on Detroit Free Press: McLaren Health Care systems restored after weeks of disruption from ransomware attack
Most Popular
Comments / 0