The listings featured on this site are from companies from which this site receives compensation and some are co-owned by our parent company. This influence: Rank and manner in which listings are presented.
Learn more
vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.
Advertising Disclosure

vpnMentor was established in 2014 to review VPN services and cover privacy-related stories. Today, our team of hundreds of cybersecurity researchers, writers, and editors continues to help readers fight for their online freedom in partnership with Kape Technologies PLC, which also owns the following products: ExpressVPN, CyberGhost, and Private Internet Access which may be ranked and reviewed on this website. The reviews published on vpnMentor are believed to be accurate as of the date of each article, and written according to our strict reviewing standards that prioritize professional and honest examination of the reviewer, taking into account the technical capabilities and qualities of the product together with its commercial value for users. The rankings and reviews we publish may also take into consideration the common ownership mentioned above, and affiliate commissions we earn for purchases through links on our website. We do not review all VPN providers and information is believed to be accurate as of the date of each article.

McLaren Health Care Breach Exposes 2.2 Million Patients' Data

McLaren Health Care Breach Exposes 2.2 Million Patients' Data
Author Image Keira Waddell
Keira Waddell Published on 14th November 2023 Former Senior Writer

McLaren Health Care, a major healthcare provider based in Michigan, reported a significant data breach affecting approximately 2.2 million patients. The breach was identified between late July and August of this year and sparked an ongoing investigation into the extent and potential ramifications.

The compromised data was found to include a range of sensitive personal and medical information, including full names, Social Security numbers, health insurance details, billing and claims information, physician data, diagnosis records, medical record numbers, prescription and medication information, Medicare/Medicaid data, and diagnostic results. The specific types of data exposed varied for each individual, depending on the information shared with McLaren.

The breach came to light when McLaren Health Care published a statement on its website, notifying the Maine Attorney General and affected individuals. Subsequent investigations conducted with external cybersecurity experts revealed unauthorized access to the healthcare system's network dating from July 28, 2023 to August 23, 2023.

McLaren Health Care is taking proactive measures, including notifying affected individuals via email addresses provided to McLaren. These notifications also contain instructions on enrolling in identity protection services for 12 months.

While the healthcare provider currently lacks evidence of cybercriminals misusing the exposed data, it urges individuals to exercise caution with unsolicited communications and to closely monitor their bank account activity.

The ALPHV/BlackCat ransomware group claimed responsibility for this breach in October. The group asserted its involvement in the attack, even threatening to auction the entire dataset. McLaren, however, did not confirm the ransomware group’s involvement or mention any ongoing negotiations with the threat actors.

As a result of this breach, McLaren Health Care now faces at least three class-action lawsuits related to the incident. The healthcare system, which prides itself on providing cost-efficient and integrated healthcare services, generated over $6 billion in revenue in 2022.

This incident is one of the many recent threats to data security in the healthcare industry. As the investigations continue, McLaren Health Care continues to address the aftermath of the breach and work towards reinforcing its security infrastructure to prevent future incidents.

About the Author

  • Author Image Keira Waddell
  • Keira Waddell Former Senior Writer

Keira was a senior writer at vpnMentor. She is an experienced cybersecurity and tech writer dedicated to providing comprehensive insights on VPNs, online privacy, and internet censorship.

Please, comment on how to improve this article. Your feedback matters!

Leave a comment

Sorry, links are not allowed in this field!

Name should contain at least 3 letters

The field content should not exceed 80 letters

Sorry, links are not allowed in this field!

Please enter a valid email address