Wolverine Solutions Group data breach impacts hundreds of healthcare organizations

• The affected healthcare organizations include Mary Free Bed Rehabilitation Hospital, the Health Alliance Plan, North Ottawa Community Health System, Three Rivers Health and more.
• The data breach has compromised personal information of almost 1.2 million patients.

What is the issue - Wolverine Solutions Group suffered a ransomware attack in September 2018, which led to a compromise of personal information of almost 1.2 million patients.

Who were affected - The ransomware attack impacts nearly 700 healthcare organizations as these organizations use Wolverine Solutions Group for their billing and mailing services.

The healthcare organizations affected by the breach include Mary Free Bed Rehabilitation Hospital, the Health Alliance Plan, North Ottawa Community Health System, Three Rivers Health and more.

Of the 1.2 million patients affected, almost 120,334 patients belong to the Health Alliance Plan, and 8000 patients belong to Three Rivers Health.

What was exposed - The information involved in the data breach includes patients’ names, dates of birth, phone numbers, addresses, social security numbers, healthcare provider names, medical insurance information, medical identification numbers, service codes, payment amounts, and other medical information.

What actions were taken - Wolverine Solutions Group has notified the Blue Cross Blue Shield of Michigan about the incident. Wolverine has also notified its healthcare clients about the data breach.

• Wolverine is requesting the potentially affected clients to contact Equifax, TransUnion, and Experian, the three national credit-reporting agencies to add a fraud alert statement to their credit files.
• It is recommending its customers to review their name from mailing lists of pre-approved offers of credit.
• It is urging its customers to review all bills and credit-card charges received for items purchased.
• It requests customers to review bank account statements and contact local police in case of any suspicious transactions.
• Wolverine is providing affected customers with AllClear ID for identity protection and credit monitoring services.

“WSG is taking steps to guard against identity theft or fraud. We arranged for affected individuals to have AllClear ID protect their identity. The following identity protection services start on the date of the individual receiving a notice letter and can be used at any time during the next 12 months,” Wolverine said in a official statement.