Capital Region Medical Center Data Breach Investigation

Migliaccio & Rathod LLP is currently investigating the Jefferson City, Missouri-based Capital Region Medical Center (“CRMC”) for failing to safeguard sensitive patient information in a data breach that occurred in December of 2021. The incident occurred when the hospital network discovered suspicious activity on its systems, likely as the result of a ransomware attack. An investigation into the attack found that an unauthorized actor had gained access to files that contained patients’ first and last names, dates of birth, full mailing addresses, medical information, and health insurance information. For some individuals, Social Security numbers, driver’s license numbers, and financial account information may have been accessed.

Although CRMC investigated the incident and began sending notification letters to affected individuals in March of 2022, the medical center noted that the breach occurred in December of 2021. Due to the lapse in time between the breach and the hospital network’s notice to affected patients, hackers may have already been able to acquire and sell sensitive patient information such as social security numbers. In previous data breaches, victims of data theft have been forced to spend money on credit monitoring services or other fraudulent charges. Some individuals affected by the data breach may have noticed one or more of the following types of fraudulent activity related to their healthcare information: suspicious credit card charges, requests for government services or loans, medical procedures ordered without patient consent, and/or disrupted use of the hospital’s patient portal.

Are you or have you been a Capital Region Medical Center patient who has recently received a data breach notification letter?

If so, we would like to hear from you. Please complete the contact form on this page, send us an email at [email protected], or give us a call at (202) 470-3520.

The lawyers at Migliaccio & Rathod LLP have years of experience in class action litigation against large corporations, including in cases involving data breaches. More information about our current cases and investigations is available on our blog.