Data Breach Investigation of Leaked Minimally Invasive Surgery of Hawaii Patient Information

Migliaccio & Rathod LLP is currently investigating the Honolulu, Hawaii-based Minimally Invasive Surgery of Hawaii (“MISH”), also known as Orthopedic Associates of Hawaii, All Access Ortho, and Specialty Suites for failing to safeguard sensitive patient information in a data breach that occurred in February of 2021. The incident occurred when the hospital network discovered that its systems were accessed by an unauthorized actor in a ransomware attack. An investigation into the attack found that an unauthorized actor had gained access to and downloaded patient files that contained patients’ first and last names, addresses, dates of birth, medical treatment information, and Social Security numbers.

Although MISH investigated the incident and began sending notification letters to affected individuals in February of 2022, the medical center noted that the breach occurred in February of 2021, and that it had identified patients whose information had been accessed as early as April of 2021. Due to the lapse in time between the breach and MISH’s notice to affected patients, hackers may have already been able to sell the sensitive patient information that they acquired from MISH’s network. In previous data breaches of this type, affected patients have been forced to spend money on credit monitoring services or other fraudulent uses of their information. Some affected patients may have noticed one or more of the following types of fraudulent activity related to the information that they had on file with MISH: suspicious credit card charges, requests for government services or loans without permission, medical procedures ordered without patient consent, and/or disrupted medical care.

Are you or have you been a Minimally Invasive Surgery of Hawaii patient who has received a data breach notification letter in the past year?

If so, we would like to hear from you. Please complete the contact form on this page, send us an email at [email protected], or give us a call at (202) 470-3520.

The lawyers at Migliaccio & Rathod LLP have years of experience in class action litigation against large corporations, including in cases involving data breaches. More information about our current cases and investigations is available on our blog.