Migliaccio & Rathod LLP is currently investigating the Miami, Florida-based spine and joint treatment center iRise Spine and Joint Institute, LLC for failing to safeguard sensitive patient information in a cyberattack that occurred in February of 2021. The data breach was caused by unauthorized access to an employee’s email account by hackers, likely through a phishing attack. Examples of the types of data exposed in the leak include names, dates of birth, medical information including diagnosis and/or clinical treatment information, physician and/or hospital name, dates of service, and health insurance information. In some cases, Social Security numbers, driver’s license numbers, financial account information, credit card numbers, and usernames and passwords were also impacted.
Although iRise began notifying patients that their information was affected in late January of 2022, the institute’s website notes that an investigation determined what type of patient information had been accessed as early as November of 2021. In previous data breaches involving employee email access, victims of data theft have had their information posted on the dark web with little information about who has accessed or viewed it. Victims of these types of phishing attacks may be forced to spend money out of pocket for credit monitoring or fraudulent charges to bank and hospital accounts. Some patients affected by the breach may have noticed suspicious credit card charges, requests for services or loans in a patient’s name, medical procedures ordered without patient consent, and/or disrupted medical care.
Are you or have you been a iRise Spine and Joint Institute patient who has received a data breach notification letter in the past year?
If so, we would like to hear from you. Please complete the questionnaire below, send us an email at [email protected], or give us a call at (202) 470-3520.
The lawyers at Migliaccio & Rathod LLP have years of experience in class action litigation against large corporations, including in cases involving data breaches. More information about our current cases and investigations is available on our blog.