Data Breach Investigation of Leaked Duncan Regional Hospital Patient Information

Migliaccio & Rathod LLP is currently investigating the Stephens County, Oklahoma-based Duncan Regional Health (“DRH Health”) for failing to safeguard sensitive patient information in a data breach that occurred in January of 2022. The incident occurred when the hospital network discovered suspicious activity on its servers, likely as the result of a ransomware attack. An investigation into the incident found that an unauthorized actor had gained access to the hospital’s central record system, which contained patients’ names, addresses, demographic information, dates of birth, and some combination of Social Security numbers, medical record numbers, and limited treatment information.

DRH Health claims to have shut down its servers and cut off the cybercriminals’ access to the hospital systems, with notification letters being sent to affected individuals in March of 2022. Hackers, however, may have already been able to acquire and sell patient information such as social security numbers, health insurance information, personal identifiers, and other important health information. In previous data breaches, victims of data theft have been forced to spend money on credit monitoring services or other fraudulent charges.

Are you or have you been a Duncan Regional Health patient who has received a data breach notification letter in the past year?

If so, we would like to hear from you. Please complete the contact form on this page, send us an email at [email protected], or give us a call at (202) 470-3520.

The lawyers at Migliaccio & Rathod LLP have years of experience in class action litigation against large corporations, including in cases involving data breaches. More information about our current cases and investigations is available on our blog.