Medical Center Data Breach Class Action Lawsuit Investigation

Migliaccio & Rathod LLP is investigating medical centers across the country for failing to safeguard sensitive patient information in an increasing number of cyberattacks that have occurred from 2020 to the present. These data breaches are usually caused by unauthorized access to medical facilities’ networks or employee email accounts through ransomware or phishing attacks, usually resulting in the exposure of patient information to hackers. Examples of the types of data exposed in such leaks include names, dates of birth, medical information including diagnosis and/or clinical treatment information, dates of services, health insurance information, Social Security numbers, driver’s license numbers, credit card numbers, and financial account information.

Although medical centers usually notify patients that their information was affected, investigations into data breaches can take months, leaving sensitive information exposed without patients’ knowledge. In previous data breaches, victims of data theft had had their information posted on the dark web or viewed by hackers with little information about who accessed or viewed it. Victims of these types of data attacks may be forced to spend money out of pocket for credit monitoring or fraudulent charges to bank and hospital accounts. Some patients affected by data breaches may have noticed suspicious credit card charges, requests for services or loans in a patient’s name, medical procedures ordered without patient consent, and/ or disrupted medical care.

Have you received a data breach notification letter from a hospital or medical center within the past year?

If so, we would like to hear from you. Please complete the contact form on this page, send us an email at [email protected], or give us a call at (202) 470-3520.

Attorneys Committed to Consumer Protection

The lawyers at Migliaccio & Rathod LLP have years of experience in class action litigation against large corporations, including cases involving data breaches. More information about our current cases and investigations is available on our blog.

News Updates:

(February 11, 2022) Houston, Texas-based Memorial Hermann Health System notified over 6,000 patients that their sensitive health information was exposed during a cyberattack that affected Advent Health Partners, one of the Hermann Health System’s data processing vendors. Advent Health Partners announced on February 8, 2022, that internal employee emails had been targeted in a phishing attack that exposed the information of various medical center clients.

(February 16, 2022) Chicago, Illinois-based South Shore Hospital network notified over 115,000 patients and employees that their sensitive personal identifying information was affected after a hack of the hospital network’s systems in December of 2021.  South Shore Hospital announced on February 4, 2022, that suspicious activity on its network exposed the health information of patients and employees to unauthorized actors, including names, dates of birth, Social Security numbers, financial information, health insurance information, medical information, diagnoses, health insurance policy numbers, and Medicare/Medicaid information.