

The effects of a September 2018 ransomware attack are still reverberating for Wolverine Solutions Group, which serves both health insurers and provider organizations.

More than six months after the attack, Michigan’s Attorney General Dana Nessel and Anita Fox, director of the Department of Insurance and Financial Services, are now urging residents of Michigan affected by the data breach to take extra precautions to safeguard their personal health information.

More than 600,000 residents’ protected health information may be affected by the ransomware attack against Detroit-based Wolverine Solutions Group, which operates as a billing company and a business associate with various healthcare organizations, including Blue Cross Blue Shield of Michigan, Health Alliance Plan, McLaren Health Care, Three Rivers Health and North Ottawa Community Health System.

On September 23, Wolverine Solutions learned that an unauthorized party had gained access to its computer systems and encrypted many of its records. The organization launched an investigation and hired forensic security experts, who arrived on October 3 to begin the decryption and restoration process. Most critical programs were restored by October 25, and critical operations were running by November 5.

The attack was sophisticated enough that Wolverine Solutions was not able to begin identifying individuals affected by the breach until November, and that work continued into February. The first notifications to individuals went out in late December. The process is still not complete, and notices will continue to be mailed this month.

Compromised data includes names, addresses, dates of birth, Social Security numbers, insurance contract information and numbers, phone numbers and medical information, some of which was highly sensitive.


Wolverine Solutions is offering one year of credit monitoring and identity protection services from AllClearID, which includes an annual credit score and credit report, and a $1 million identity theft insurance policy.

“As a result of our investigation, WSG believes that the records were simply encrypted,” the organization told affected individuals. “There is currently no indication that the information itself was extracted from WSG’s servers. Nevertheless, given the nature of the affected files, out of an abundance of caution, we mailed letters to all impacted individuals recommending they take immediate steps to protect themselves from any misuse of their information.”

Wolverine Solutions Group did not immediately respond to a request for additional information.

Unfortunately, this data breach is no different than most data breaches that occur, says Linn Freedman, chair of the privacy and security team at the Robinson & Cole law firm in Providence, RI.

“The healthcare industry has been hit hard with intrusions over the past few years and will continue to be targeted because it has been successful for hackers,” she notes.

“Sadly, this is strikingly similar to other data breaches that have occurred over the past few years in the healthcare industry and illustrates the importance of vendor management. More and more data breaches are caused by vendors, which needs to be addressed in a more thoughtful and comprehensive way by the healthcare industry.

“The industry would do well to model vendor management after the financial services industry,” Freedman adds. “It takes time, effort and resources, but pays off by having a better handle on vendors’ security posture. Both covered entities and business associates have the responsibility to secure protected health information, but we continue to see gaps in this obligation, and, therefore, more and more large data breaches.”