Skip to main content
Michigan’s nonpartisan, nonprofit news source

We need your vote!

During this important election year, Bridge readers like you know that high-quality journalism like ours is more critical than ever. There’s a lot on the line, and we’re working daily to deliver the information you need to prepare you for November’s election. Can we count on your vote of confidence in our newsroom? Donate today!

Pay with VISA Pay with MasterCard Pay with American Express Pay with PayPal Donate

Michigan’s McLaren Health Care confirms cyberattack, asks for ‘patience’

Outside of McLaren Health Care Cheboygan Campus
McLaren Health Care, based in Grand Blanc, operates 13 Michigan hospitals. (Bridge file photo by Robin Erb)
  • McLaren Health Care is the latest of Michigan’s large health systems to fall victim to a cyberattack
  • The system acknowledged ‘limited access to our systems’ forcing the rescheduling — as a precaution — of some appointments, tests, and treatments
  • Patients are asked to report as scheduled to appointments and bring printed information with them, including a list of medications and allergies

McLaren Health Care confirmed Wednesday that the technology “disruption” it reported Tuesday was actually a result of a criminal cyberattack.

As it investigates, the chain’s facilities remain “largely operational,” the $6.6 billion Grand Blanc-based system reported in a statement Wednesday.

“Our information technology team continues to work with external cyber security experts to analyze the nature of the attack and mitigate the impacts of the threat actors,” the statement read, adding that it was unclear whether hackers breached patient or employee data.

Sponsor

The hospital chain continues to operate “several information technology systems” as part of “downtime procedures while we work to fully restore functionality to our system.”

On Monday, staff were able to quickly toggle from electronic medical records to paper charting because of previous training for “downtime procedures,” said Betsy Lehner, president of Office and Professional Employees International Union (OPEIU), Local 459. The chapter represents about 1,000 nurses, lab employees, environmental services and maintenance workers at McLaren.

A registered nurse herself, Lehner said the McLaren has backup computers at the ready as well as boxes of paper medical forms in triplicate, allowing doctors and nurses to chart and send copies to the pharmacy and others, she said.

That, “and a ton of teamwork” has mitigated any disruption to patient services, she said, adding “we have experienced nurses that have paper-charted for a lot of their careers.”

Moreover, medical staff are conditioned to fast-changing workplace realities, she said.

“Nursing, medical care — it’s a stressful job because things can change quickly. A patient can go from talking, breathing, and heart-beating to suddenly not, so we learn to adapt because we have to,” she said.

The system provided few other details about the attack and declined interviews. Dave Jones, a spokesperson, said only that the problems began Monday.

Related:

McLaren, which operates 13 Michigan hospitals and includes Karmanos Cancer Institute, has 28,000 full- and part-time and contracted employees and connections to providers in Michigan, Indiana and Ohio, according to its website.

The confirmation of another cyberattack comes just three months after a ransomware attack on the St. Louis-based Catholic health-care giant Ascension, which operates 15 Michigan hospitals. 

That attack — which the chain later said it connected to a malicious file and an “honest mistake” — took down information systems, cut off access to patient portals, forced the rerouting of some patients to other hospitals, shut down much of the pharmacy operations, and hobbled the system for months.

It was not immediately clear whether Ascension had fully recovered from the attack by the time McLaren realized it, too, had been victimized.

Ascension’s latest public update, dated June 14, maintains that electronic health record access has been “restored across our ministries,” but it also acknowledges that the “investigation into this incident is ongoing, along with the remediation of additional systems.”

Ascension has declined to speak publicly about its cyber breach and did not respond to Bridge Michigan’s request for comment on Wednesday.

Ascension and McLaren don’t stand alone as cyber targets.

In June, a hacker “impersonated a company employee” at Rite Aid — which is currently shutting down dozens of Michigan stores — to gain access to its “business systems,” the store chain reported. Last month, hackers were able to access information — via email accounts — at Michigan Medicine, part of University Michigan. 

What patients should do 

McLaren’s breach became publicly apparent Tuesday when the system released a brief statement noting what it called “a disruption to our information technology system.”

For now, patients should appear for scheduled appointments unless they are contacted by McLaren staff and instructed otherwise. Some non-emergency or elective procedures may be postponed.

Sponsor

McLaren is requesting patients bring the following information to appointments: 

“We understand this situation may be frustrating to our patients — and to our team members — and we deeply and sincerely apologize for any inconvenience this may cause,” according to a statement released by the system Tuesday.

“We kindly ask for your patience while our caregivers and support teams work as diligently as ever to provide our communities the care they need and deserve,” it read.

How impactful was this article for you?

Michigan Health Watch

Michigan Health Watch is made possible by generous financial support from:

Please visit the About page for more information, and subscribe to Michigan Health Watch.

Only donate if we've informed you about important Michigan issues

See what new members are saying about why they donated to Bridge Michigan:

  • “In order for this information to be accurate and unbiased it must be underwritten by its readers, not by special interests.” - Larry S.
  • “Not many other media sources report on the topics Bridge does.” - Susan B.
  • “Your journalism is outstanding and rare these days.” - Mark S.

If you want to ensure the future of nonpartisan, nonprofit Michigan journalism, please become a member today. You, too, will be asked why you donated and maybe we'll feature your quote next time!

Pay with VISA Pay with MasterCard Pay with American Express Pay with PayPal Donate Now