Recommended reading

Major data breach at McLaren Health Care sees 743,000 patients affected - here's what we know

News
By published

2024 breach puts thousands of patients at risk

Caution sign data unlocking hackers. Malicious software, virus and cybercrime, System warning hacked alert, cyberattack on online network, data breach, risk of website
(Image credit: sarayut Thaneerat/ via Getty Images)
  • McLaren Health Care and Karmanos Caner Institute patients are being warned of 2024 breach
  • Suspicious activity was caught in August 2024
  • A nine-month review has concluded

A ransomware attack between July and August 2024 affecting McLaren Health Care and Karmanos Cancer Institute has resulted in a mammoth data breach affecting nearly 750,000 people.

Hackers stole the data of 743,131 people, including their Social Security numbers, health insurance information, driver's license details, names and medical data.

The attack has been linked to the INC ransomware gang, however McLaren's public statement failed to directly attribute the attack to any group.

Nearly 750,000 patients have data stolen

Attackers were first believed to have breached the systems on July 17, 2024, with suspicious activity later detected on August 5, 2024. Nine months later, on May 5, 2025, forensic review of the incident had ended, with a public notification later released this month.

During the breach, McLaren noted IT and phone systems were down, resulting in some surgeries, appointments and treatments being canceled or rescheduled.

"McLaren determined that personal information and protected health information pertaining to individuals was contained within the files involved," the notice reads.

During the incident, staff resorted to manually managing appointments and medication information.

Despite first failing to mention how systems were breached, McLaren later confirmed it was due to a ransomware attack.

"Our organization was the target of a cybersecurity attack by an international ransomware group that impacted the McLaren Health Care and Karmanos Cancer Institute computer network," the notice continues.

It's not the first time McLaren has been the victim of a ransomware attack – earlier in July 2023, the AlphV/BlackCat gang carried out an attack affecting 2.2 million individuals.

"There is currently no evidence that your information has been misused," McLaren stated, however affected individuals are being offered a year of free credit monitoring.

Potential victims affected by the breach should also remain vigilant and pay attention to any suspicious activity on their accounts.

You might also like

Craig Hale
Craig Hale

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.