- Michigan Attorney General Dana Nessel and Department of Insurance and Financial Service Director Anna Fox are urging about 600,000 state residents impacted by the ransomware attack on Wolverine Solutions Group to take precautions and safeguard the data potentially breached by the event.
The third-party vendor’s systems were infected with ransomware in September, encrypting records and rending them inaccessible. Wolverine officials said they began decrypting and restoring files on October 3, which concluded on October 25.
The compromised data included a host of personal details from demographic information to Social Security numbers. Officials said they’ve been rolling out notifications steadily to its clients since December, as they continue to assess the type of data infected by the malware, the impacted clients, and the patients involved.
So far, Blue Cross Blue Shield of Michigan, Health Alliance Plan, Three Rivers Health, North Ottawa Community Health System, Mary Free Bed Rehabilitation Hospital, Covenant Hospital, Sparrow Hospital, and McLaren Health Care have been notified their data was included in the breach.
The Attorney General’s letter suggests that more Michigan providers will be added to the list of providers impacted by the Wolverine cyberattack. Wolverine’s initial notification said further notices will be mailed in March.
In response, Nessel sent a letter to Wolverine to gain more information into the security event. As Michigan law doesn’t require the attorney general be notified of data breaches, she first learned of the incident through the media.
Patients impacted by the breach have been offered identity protection from Wolverine, but Nessel explained that individuals should determine what personal information was compromised and “act accordingly.” She also recommended patients consider a security freeze and to use two-factor authentication on all online accounts whenever possible.
“Data breaches can be devastating to the affected individuals,” Nessel said in a statement. “It’s important this office provide affected customers with any and all available resources to help limit the effects of this – or any – breach. And today, we’re doing just that.”