securityaffairs.com
2606:4700:3031::ac43:8cd3
Public Scan
URL: https://securityaffairs.com/154014/data-breach/mclaren-health-care-data-breach.html
Submission: On November 13 via api from TR — Scanned from DE
Form analysis
3 forms found in the DOM
GET https://securityaffairs.com
<form method="get" action="https://securityaffairs.com">
<input type="search" name="s" placeholder="Search.." class="site-search-field" value="">
<input type="submit" class="sm-icon">
</form>
<form class="comment">
<div class="row">
<div class="col-sm-12 col-md-6 col-lg-6">
<div class="mb-3">
<input type="name" name="cmnt_auth_name" class="form-control cmnt_auth_name" placeholder="Name">
</div>
</div>
<div class="col-sm-12 col-md-6 col-lg-6">
<div class="mb-3">
<input type="email" name="cmnt_auth_email" class="form-control cmnt_auth_email" placeholder="Email">
</div>
</div>
<div class="col-sm-12 col-md-12 col-lg-12">
<div class="mb-3">
<textarea name="cmnt_msg" class="form-control cmnt_msg" placeholder="Comments" rows="3"></textarea>
</div>
</div>
<div class="col-sm-12 col-md-12 col-lg-12">
<input class="cmnt_submit_btn btn btn-blue btn-inline btn-big" type="submit" name="cmnt_submit" value="Leave comment">
<input type="hidden" name="pid" class="pid" value="MTU0MDE0">
<input type="hidden" name="parentcommentid" class="parentcommentid" value="0">
</div>
</div>
</form>
POST /154014/data-breach/mclaren-health-care-data-breach.html#wpcf7-f149934-p154014-o1
<form action="/154014/data-breach/mclaren-health-care-data-breach.html#wpcf7-f149934-p154014-o1" method="post" class="wpcf7-form init" aria-label="Contact form" novalidate="novalidate" data-status="init">
<div style="display: none;">
<input type="hidden" name="_wpcf7" value="149934">
<input type="hidden" name="_wpcf7_version" value="5.8.2">
<input type="hidden" name="_wpcf7_locale" value="en_US">
<input type="hidden" name="_wpcf7_unit_tag" value="wpcf7-f149934-p154014-o1">
<input type="hidden" name="_wpcf7_container_post" value="154014">
<input type="hidden" name="_wpcf7_posted_data_hash" value="">
</div>
<div class="form-field"><span class="wpcf7-form-control-wrap" data-name="your-email"><input size="40" class="wpcf7-form-control wpcf7-email wpcf7-validates-as-required wpcf7-text wpcf7-validates-as-email" autocomplete="email" aria-required="true"
aria-invalid="false" placeholder="Your email address" value="" type="email" name="your-email"></span><input class="wpcf7-form-control wpcf7-submit has-spinner" type="submit" value="SIGN UP"><span class="wpcf7-spinner"></span></div>
<div class="wpcf7-response-output" aria-hidden="true"></div>
</form>
Text Content
McLaren Health Care revealed that a data breach impacted 2.2 million people

Pierluigi Paganini, November 10, 2023

McLaren Health Care (McLaren) experienced a data breach that compromised the sensitive personal information of approximately 2.2 million individuals.

McLaren Health Care (McLaren) disclosed a data breach that occurred between late July and August. The security breach exposed the sensitive personal information of 2,192,515 people.

McLaren Health Care is a nonprofit health care organization based in Grand Blanc, Michigan, USA. It is a $6.6 billion, fully integrated health care delivery system committed to quality, evidence-based patient care and cost efficiency. McLaren operates 14 hospitals in Michigan, ambulatory surgery centers, imaging centers, a 490-member employed primary and specialty care physician network, commercial and Medicaid HMOs covering more than 732,838 lives in Michigan and Indiana, home health, infusion and hospice providers, pharmacy services, a clinical laboratory network and a wholly owned medical malpractice insurance company.

The company became aware of anomalous activity on or about August 22, 2023, and immediately launched an investigation with the help of third-party forensic experts. The investigation revealed that threat actors gained unauthorized access to McLaren’s network between July 28, 2023, and August 23, 2023.

“On August 31, 2023, McLaren learned the unauthorized actor had the ability to acquire certain information stored on the network during the period of access. As part of an ongoing investigation, McLaren undertook a thorough review of the potentially impacted files to determine whether any sensitive information was present. It was through this process, which concluded on October 10, 2023, that McLaren determined that information pertaining to certain individuals may have been included in the potentially impacted files.” reads the notice of data breach sent to the Maine Attorney General.

Exposed information varied by individual and may include some combination of certain individuals’ names, Social Security number, health insurance information, date of birth, and medical information, including billing or claims information, diagnosis, physician information, medical record number, Medicare/Medicaid information, prescription/medication information, diagnostic and treatment information.

McLaren announced that it has secured its network and is working to review its existing policies and procedures and to implement additional security measures to protect its infrastructure. The company also notified U.S. authorities and the impacted individuals.

McLaren is offering impacted individuals identity protection services for 12 months. The company recommends that impacted individuals remain vigilant and monitor their bank account activity.

“While there is currently no evidence that your information has been misused, we recommend that you remain vigilant, monitor and review all of your financial and account statements and explanations of benefits, and report any unusual activity to the institution of record and to law enforcement.” continues the notice. “In addition, we are offering identity theft protection services through IDX, a data breach and recovery services expert. IDX identity protection services offered by McLaren include: <<12 months/24 months>> of credit and CyberScan monitoring, a $1,000,000 insurance reimbursement policy, and fully managed identity theft recovery services.”

In early October 2023, the ALPHV/BlackCat ransomware gang added McLaren Health Care to the list of victims on its Tor leak site. The group claimed to have stolen data belonging to 2.5 million McLaren Health Care patients.

The ransomware group accused the organization of having attempted to cover up the security breach. The gang also added that it still has access to the organization's network.

“It would have been more interesting if a Mclaren representative had talked in an interview about how they asked not to publish the stolen data and skillfully wanted to cover up the fact that their network had been hacked. Mclaren were preparing a way out and ended up devaluing the sensitive data of 2.5 million of their patients. Protecting the privacy and interests of your customers is nothing more than lip service. Maclaren Your security is at an all-time low, and we’ve proven it to you. Our backdoor is still running on your network, you decided to play with us, we have a great sense of humor too, and we know how to have fun. See you again……..” reads the message published by the ALPHV gang on its leak site.

The Alphv ransomware group has been very active in this period; it recently claimed to have hacked Clarion, the global manufacturer of audio and video equipment for cars and other vehicles, and the hotel chain Motel One.

The cyber security researcher Dominic Alvieri reported that ALPHV BlackCat Ransomware has breached 15 more US hospitals & 2 HMOs.

The BlackCat/ALPHV ransomware gang has been active since November 2021. The list of its victims is long and includes industrial explosives manufacturer SOLAR INDUSTRIES INDIA, the US defense contractor NJVC, gas pipeline Creos Luxembourg S.A., the fashion giant Moncler, Swissport, NCR, and Western Digital. The ransom demands of the group range from a few tens of thousands of dollars up to tens of millions of dollars.

Pierluigi Paganini

(SecurityAffairs – hacking, McLaren Health Care)