Greenwood Leflore Hospital and McLaren Health Care and Affected by Elekta Ransomware Attack

The Cancer Center at Greenwood Leflore Hospital (CCGLH) in Mississippi informed its patients about the Elekta ransomware attack as a preventative measure to avert identity theft and fraud.

Elekta notified CCGLH on May 17 regarding the ransomware attack and was informed that patient information was encrypted; nevertheless, Elekta’s forensic investigation confirmed that the attackers did not have any interactive access to the protected health information (PHI) and did not download the PHI of CCGLH patients or moved from the database. Nonetheless, it wasn’t possible to completely exclude the probability of unauthorized information access and PHI theft.

The following types of information were possibly exposed in the attack: complete names, Social Security numbers, addresses, height & weight measurements, birth dates, health diagnoses, medical treatment information, visit confirmations, and other data CCGLH obtained to give health care services.

CCGLH offered free access to identity monitoring, identity theft restoration services, and fraud consultation to its patients. The number of CCGLH patients affected by the attack is presently uncertain.

McLaren Health Care Corporation (MHCC) operates 15 hospitals and more than 100 primary care centers in Ohio and Michigan. MHCC announced the potential compromise of the PHI of 64,600 of its cancer patients because of the ransomware attack on Elekta Inc.

Elekta offers software and technology services to MHCC centers in Northern Michigan, Macomb, Gaylord, West Branch, Lapeer, Central and Bay City, including information storage.

From April 2 to April 20, 2021, Hackers got access to the system of Elekta, exfiltrated data, then used ransomware for file encryption. The attackers issued a ransom demand, payment of which will stop exposure of the stolen information and will get the keys to decrypt data. Elekta informed MHCC regarding the breach on May 17, 2021.

Although patient information was impacted, Elekta stated there’s no reason to think that attackers will further disclose or post online any of the stolen information. Nevertheless, as a safety measure against identity theft and fraud, free identity theft protection and credit monitoring services are provided to impacted people. The types of data affected were the same as CCGLH.


About Christine Garcia 1309 Articles
Christine Garcia is the staff writer on Calculated HIPAA. Christine has several years experience in writing about healthcare sector issues with a focus on the compliance and cybersecurity issues. Christine has developed in-depth knowledge of HIPAA regulations. You can contact Christine at [email protected]. You can follow Christine on Twitter at