McLaren Health Care, a Michigan based hospital chain consisting of thirteen hospitals in Michigan and Indiana last week disclosed that it was a victim of a data breach that began on July 28th and lasted through the month of August.  The company became aware of the data breach in early October, but did not disclose it for another month.   The data breach affects more than two million people whose personal information has been compromised.  McLaren has not provided details of the data breach, but the ransomware criminal group ALPHV/BlackCat has claimed responsibility although this has not been confirmed.

Here is a link to McLaren’s official response to the incident.

Last year, in the United States there were more than 1,800 reported data breaches and probably many more that were not reported affecting 422 million people.  The question is not if you will become a victim of a data breach.  The question is when.

As I have reminded you many times, we are only as safe and secure as the security of the companies, government agencies and websites that have our personal information.  Even if you are extremely diligent in protecting your personal information, you can be in danger of identity theft and scams if your personal information falls into the hands of hackers.

So what can you do to protect yourself from these data breaches that will be occurring?


One important lesson is to limit the amount of personal information that you provide to companies and websites whenever possible.  For example, your doctor doesn’t need your Social Security number for his or her records.

You should make sure that you have a unique password for each of your online accounts so that if one of your passwords is compromised in a data breach, all of your accounts will not be in danger.  If your information is compromised in a data breach, you should immediately change the password for that account.

If you have not already done so, set up dual factor authentication for each of you accounts where it is available. This will protect you from having those accounts stolen by someone who may have access to your password.

Freezing your credit is also something everyone should do.  It is free and easy to do.  In addition, it protects you from someone using your identity to obtain loans or make large purchases even if they have your Social Security number.  If you have not already done so, put a credit freeze on your credit reports at all of the major credit reporting agencies.  Here are links to each of them with instructions about how to get a credit freeze:

Also, if you are in the mood to get scared you can go to the free website haveibeenpawned where you can find out what data breaches have affected you personally.

If you are not a subscriber to and would like to receive free daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of and type in your email address on the tab that states “Sign up for this blog.”