McLaren Health Care in Michigan has begun informing 743,131 individuals that their protected health information was compromised during a ransomware attack that occurred in August 2024.
McLaren Health Care had previously disclosed the ransomware attack, but the process of reviewing the compromised files delayed the issuance of individual notification letters. These letters inform recipients that unauthorized access to McLaren’s computer systems was identified around August 5, 2024. With support from third-party cybersecurity experts, the investigation revealed that systems used by McLaren Health Care and its Karmanos Cancer Centers were accessed without authorization between July 17 and August 3, 2024.
The forensic review of the compromised files was thorough and time-intensive, concluding on May 5, 2025. At that point, it was confirmed that the files contained personal and protected health information. The exposed data included names, Social Security numbers, driver’s license numbers, medical details, and health insurance information. Notification letters were sent to affected individuals on or around June 20, 2025, and McLaren Health Care is offering 12 months of complimentary credit monitoring and identity theft protection services.
