Feb 9
/
Latest News
McLaren Health Care to Pay $14 Million Over Back-to-Back Ransomware Attacks
GRAND BLANC, Mich. — Michigan-based health giant McLaren Health Care has reached a $14 million preliminary settlement to resolve a consolidated class action lawsuit following two major ransomware attacks that compromised the sensitive data of approximately 2.8 million patients and employees.
The legal action, filed in a Michigan state court, alleged that the $7.3 billion healthcare system was negligent and breached its contracts by failing to implement adequate security measures after the first attack in 2023, which left its systems vulnerable to a second incursion in 2024. The first breach, attributed to the Russian-speaking gang Alphv/BlackCat, reportedly involved the theft of six terabytes of data, including Social Security numbers and medical records. This was followed by a 2024 attack by the "Inc Ransom" group, which staff described as even more disruptive to patient care than the previous year's incident. While McLaren has not admitted to any wrongdoing or disclosed whether any ransoms were paid, the company has agreed to significant, though undisclosed, security enhancements for at least two years as part of the deal.
Under the terms of the settlement, which faces a final court approval hearing on April 21, 2026, affected individuals may claim up to $5,000 for documented out-of-pocket losses and expenses tied to the breaches. Beyond individual reimbursements, the settlement provides for a pro rata cash payment from the remaining funds and one year of credit monitoring services for all class members. Legal fees for the class counsel are expected to consume roughly $4.6 million of the total fund, while McLaren bears the additional cost of its mandatory security upgrades. The double-strike on McLaren’s network has served as a catalyst for state-wide warnings from Michigan officials, emphasizing the critical need for robust data protection in the healthcare sector. Patients and current or former employees whose data was exfiltrated during the windows of July 2023 or July 2024 have until April 29, 2026, to submit their claims through the official settlement administrator.
The legal action, filed in a Michigan state court, alleged that the $7.3 billion healthcare system was negligent and breached its contracts by failing to implement adequate security measures after the first attack in 2023, which left its systems vulnerable to a second incursion in 2024. The first breach, attributed to the Russian-speaking gang Alphv/BlackCat, reportedly involved the theft of six terabytes of data, including Social Security numbers and medical records. This was followed by a 2024 attack by the "Inc Ransom" group, which staff described as even more disruptive to patient care than the previous year's incident. While McLaren has not admitted to any wrongdoing or disclosed whether any ransoms were paid, the company has agreed to significant, though undisclosed, security enhancements for at least two years as part of the deal.
Under the terms of the settlement, which faces a final court approval hearing on April 21, 2026, affected individuals may claim up to $5,000 for documented out-of-pocket losses and expenses tied to the breaches. Beyond individual reimbursements, the settlement provides for a pro rata cash payment from the remaining funds and one year of credit monitoring services for all class members. Legal fees for the class counsel are expected to consume roughly $4.6 million of the total fund, while McLaren bears the additional cost of its mandatory security upgrades. The double-strike on McLaren’s network has served as a catalyst for state-wide warnings from Michigan officials, emphasizing the critical need for robust data protection in the healthcare sector. Patients and current or former employees whose data was exfiltrated during the windows of July 2023 or July 2024 have until April 29, 2026, to submit their claims through the official settlement administrator.
Executive IT Forums, Inc.
Educational Programs on Information Technology, Governance, Risk Management, & Compliance (GRC).
Our Newsletter
Get regular updates on CPE programs, news, and more.
Thank you!
Copyright © 2026 Executive IT Forums, Inc. All Rights Reserved.
Get started
Let us introduce our school
Write your awesome label here.