Over 600,000 Residents of Michigan affected by the Wolverine Solutions Breach, warns Michigan AG

Dana Nessel, Michigan Attorney General, has warned the Michigan residents about ransomware attack on Wolverine Solutions Group (WSG) based in Detroit. She says due to the ransomware attack more than 600,000 residents of Michigan may have been affected.

All the individuals who have received the breach notification letter were advised by the Michigan Attorney General to sign-up for the credit monitoring services, as well as monitor their accounts along with EoB statements for any kind of fraudulent use of data. The Michigan AG also advised these individuals to place the fraud alert in their respective credit file, and also consider to freeze their credit file as protection against identity theft and fraud.

The cyberattack on the WSG takes place on or around Sep. 23, 2018. The critical systems were restored mostly under a month, although it has taken more time to determine the clients who gets affected. In fact, some of the clients were notified regarding the extent of this attack in March, 2019.

While the exposed information types differ from individual to individual and company to company, the exposed information might include data elements like names, dates of birth, addresses, insurance contract information along with numbers, medical information, social security numbers, and phone numbers.

The affected healthcare organizations include: Michigan's Blue Cross Blue Shield, Spectrum Health Lakeland, Mary Free Bed Rehabilitation Hospital, Sparrow Health System, Covenant Health Care, North Ottawa Community Health System, Health Alliance Plan, McLaren Health Care, Warren General Hospital, Three Rivers Health and UPMC (University of Pittsburgh Medical Center) Kane.

This attack is thought to have begun with download of Emotet Trojan, which then downloaded the ransomware. This ransomware encrypted the files containing PHI (Protected Health Information). Darryl English, Wolverine Solutions' president, told Daily Swig that ransom demand has been paid.

"Data breaches can be devastating to the affected individuals," said Nessel on March 11, 2019. "It's important this office provide affected customers with any and all available resources to help limit the effects of this - or any - breach. And today, we're doing just that".

While Nessel said that the affected number of individuals could be more than 600,000, but the final total has not been confirmed yet. According to Wolverine, it could be on the higher side of six figures.

» SPAMfighter News - 3/28/2019