Cyber Incident Victim: Mary Free Bed Rehabilitation Hospital

In March 2019, Mary Free Bed Rehabilitation Hospital disclosed that a ransomware incident at Wolverine Solutions Group, a third-party medical billing vendor, compromised the private information of 4,755 patients. Wolverine Solutions Group confirmed the breach and initiated notification letters to affected individuals. The incident stemmed from a previously reported ransomware attack on Wolverine, which also impacted numerous other healthcare entities across Michigan. Mary Free Bed clarified that its decision to terminate Wolverine’s services predated awareness of the breach, confirming the contractual change was unrelated to the security event. Reports indicated Wolverine’s ransomware incident occurred months earlier, with delayed notifications extending into 2019.

The breach’s scope expanded as additional affected organizations were identified, including Covenant Health (45,000 patients), Health Alliance Plan (120,000 patients), McLaren Health Care (54,000 patients), Sparrow Hospital, North Ottawa Community Health System (15,000 patients), Warren General Hospital, and University of Pittsburgh Medical Center Kane. By mid-March 2019, Spectrum Health Lakeland reported approximately 60,000 potentially impacted patients. Wolverine Solutions Group coordinated notifications across all affected entities, though specific details regarding the ransomware variant, intrusion methods, or data exfiltration were not publicly disclosed. No disruptions to Mary Free Bed’s clinical operations were reported, and the hospital emphasized its reliance on Wolverine for billing services rather than direct patient care systems. The incident highlighted supply-chain risks within healthcare vendor networks, with Wolverine’s breach collectively exposing data across over a dozen providers and hundreds of thousands of patients.