Multiple Healthcare Orgs Warn of Third-Party Attack

Multiple Healthcare Orgs Warn of Third-Party Attack

A September 2018 ransomware attack on Wolverine Solutions Group (WSG) has had widespread impact, resulting in hundreds of thousands of customers being warned that their personal information may have been part of a data breach, according to Detroit Free Press.

In a statement to its clients, Wolverine Solutions Group wrote, “On approximately September 25, 2018, WSG discovered that an unauthorized party gained access to its computer system and infected the system with malware. The malware encrypted many of WSG’s records (including those pertaining to our Healthcare Clients), which made them inaccessible to WSG in an effort to extort money from WSG. This is commonly referred to as 'ransomware.'”

While it is believed that the records were only encrypted, as there was no initial evidence that information was extracted from the servers, an investigation into the attack of the Detroit-based contractor remains ongoing.

Multiple hospitals and healthcare companies have potentially been impacted by the security incident, including Mary Free Bed Rehabilitation Hospital, where more than 4,500 patients may have had their records compromised, according to Fox 17 News.

Given that WSG provides third-party services for hospitals and healthcare organizations, several companies have issued security notices to their customers. Blue Cross Blue Shield of Michigan (BCBSM), Health Alliance Plan (HAP) and McLaren Health Care are among those that have sent notifications of a potential security incident.

*A spokesperson for BCBSM wrote in an email, "We have no indication that any member information was extracted during the incident. We were told that Blue Cross Blue Shield of Michigan was not the only client company of Wolverine impacted by this incident. About 150,000 of our members were impacted, with about 100,000 of them residing in Michigan. The others are dispersed across many other states. BCBSM offered our members 24 months of credit protection through AllClear ID. We are working with Wolverine on a remediation plan they developed in response to the incident.

According to the February 27, 2019, notice of a data security incident impacting McLaren Health Care, there was “a ransomware incident (a malicious software attack). McLaren received notice of this incident on December 10, 2018, when the WSG forensic team uncovered initial evidence that McLaren patient information may have been included on the impacted servers. WSG also reported this incident to local law enforcement authorities and the FBI.”

When Infosecurity contacted HAP, a spokesperson responded, "This is a Wolverine Solutions Group breach that we understand impacted many of their customers, including many healthcare organizations. You really should be talking to WSG – they are your best bet." According to Detroit Free Press, HAP notified more than 120,000 clients of a third-party security breach that may have resulted in their personal information being compromised.

*Update – this article has been updated with comment from Blue Cross Blue Shield of Michigan.

Source: Information Security Magazine