Refuah Health Center Data Breach Investigation

Migliaccio & Rathod LLP is currently investigating the Spring Valley, New York-based Refuah Health (“Refuah”) for failing to safeguard sensitive patient information in a data breach that occurred between May 31, 2021 and June 1, 2021. An investigation into the data breach found that unauthorized actor(s) gained access to Refuah’s network and accessed highly sensitive identifiable protected personal, financial, and health information, including: Social Security numbers, driver’s license numbers, state identification numbers, dates of birth, bank/financial account information, credit/debit card information, medical treatment/diagnosis information, Medicare/Medicaid numbers (which may be identical to Social Security numbers), medical record numbers, patient account numbers, and/or health insurance policy numbers.

Although Refuah’s investigation determined that patient information had been accessed in mid-2021, the company only began notifying victims of the incident in late-April of 2022. Due to this lapse in time between the breach and the notice to affected patients, hackers may have already been able to acquire and sell sensitive information and otherwise benefit from the fraudulent misuse of such information. Some individuals affected by the data breach at Refuah may have noticed one or more of the following types of fraudulent activity related to their healthcare or financial information: unauthorized credit card charges, requests for loans or benefits in a patient’s name without their consent, fake medical procedures ordered, and/or disrupted use of the institution’s website or patient portal.

Are you or have you been a Refuah Health Center patient who recently received a data breach notification letter?

If so, we would like to hear from you. Please complete the contact form on this page, send us an email at [email protected], or give us a call at (202) 470-3520.

The lawyers at Migliaccio & Rathod LLP have years of experience in class action litigation against large corporations, including in cases involving data breaches. More information about our current cases and investigations is available on our blog.