- McLaren Health Care and Karmanos Can Institute Patients are warned of violation of 2024
- Suspicious activity was caught in August 2024
- A nine-month review is completed
A ransomware attack between July and August 2024 affecting McLaren Health Care and Karmanos Cancer Institute has resulted in a mammoth data violation affecting almost 750,000 people.
Hackers stole the data from 743,131 people, including their social security number, health insurance information, driver’s license information, names and medical data.
The attack has been linked to the Inc Ransomware band, but McLaren’s public statement could not directly attribute the attack to any group.
Nearly 750,000 patients have stolen data
Attackers were first assumed to have violated the systems on July 17, 2024, with suspicious activity later discovered on August 5, 2024. Nine months later, on May 5, 2025, forensic review of the incident was completed, with a public announcement later released this month.
During the violation, McLaren noticed it and telephone systems were down, resulting in some operations, appointments and treatments being canceled or re -planned.
“McLaren determined that personal information and protected health information relating to individuals were included in the files involved,” the message reads.
During the incident, the staff is to manually manage agreements and medication information.
Despite the fact that he could not mention how systems were violated, McLaren later confirmed that it was due to a ransomware attack.
“Our organization was the goal of a cyber security attack from an international ransomware group that affected McLaren Health Care and Karmanos Cancer Institute Computer Network,” the announcement continues.
This is not the first time McLaren has been the victim of a ransomware attack -earlier in July 2023, the Alphv/Blackcat band conducted an attack affecting 2.2 million individuals.
“There is currently no evidence that your information has been abused,” McLaren said, but affected persons are offered one year of free credit monitoring.
Potential victims affected by the violation should also remain vigilant and pay attention to any suspicious activity in their accounts.
