A health care group in Florida settled a class action lawsuit after thieves stole the names, social security numbers and sensitive medical information of more than 447,000 patients from its servers.
under the settlement [PDF]Orlando Family Physicians, which operates 10 clinics in central Florida, will provide reimbursement to affected patients. submit a claim By July 1st, we will provide two years of free credit monitoring. Depending on the type of personal data stolen by the fraudster, patients could receive up to $225, or up to $7,500 if their SSN was stolen.
Also under the settlement, the Doctor Group admits no liability after the data theft.
According to court documents, the theft occurred in April 2021 after criminals accessed the email accounts of four employees via phishing scams. [PDF].
orlando family doctor Said We took steps to contain the intrusion “immediately” and hired a “major” security shop to determine the extent of the intrusion.
Months later, health organizations posted notices on their websites and sent letters to individuals whose personal information had been compromised.
This included a name. demographic information; health information, including diagnoses, providers and prescriptions; Health insurance information, including traditional Medicare beneficiary numbers derived from an individual’s social security number or other participant identification number. medical record numbers; patient account numbers; and passport numbers.
“However, the available forensic evidence indicates that the unauthorized person’s purpose was to commit financial fraud against the OFP and not to obtain personal information about the affected individuals. ,” the group of doctors said at the time.
OFPs too reported a crime It submitted to the U.S. Department of Health and Human Services and said it may have affected 447,426 people.
the group declined to comment register about reconciliation.
Is your PII worth $250 or $75,000?
And now, hundreds of thousands of individuals whose personal information has likely been put up for sale on hacking forums are eligible to be paid after their lawyers take the trump card. The total amount of the settlement was not disclosed.
There are two levels of class members who benefit economically. First, a person who had to pay out-of-pocket expenses for the theft can file a claim up to $225 for documented expenses. or any costs associated with unfreezing, paying for credit monitoring services, or communicating with the bank regarding the case (notary public, fax, postage, photocopying, mileage, and long distance charges) .
These individuals may also submit a claim for up to three hours of time lost due to a security breach at a rate of $25 per hour.
The second group is people whose social security numbers have been stolen. These individuals can file claims up to $7,500 for documented instances of identity theft, tax return tampering, or other types of fraud that can trace the original hack.
You can also claim up to 8 hours of lost time at $25 per hour.
Settlements are made as cybercriminals, especially ransomware gangs. strengthen their attacks Lawyers have filed multiple class action lawsuits against hospitals and healthcare companies.
Last month, the Legal Medical Group of California issued a notification letter 3 million patients It warned that cybercriminals may have stolen large amounts of sensitive health and personal information during a ransomware infection in December.
at least four class action lawsuit A lawsuit was subsequently filed against the medical conglomerate.
Earlier this week, nude medical photos and personal records of a cancer patient were stolen by a ransomware gang and posted online. sued her health care provider To allow “preventable” and “severely damaging” leaks.
The proposed class action lawsuit was filed in February intrusion In doing so, the malware crew, BlackCat, compromised one of Lehigh Valley Health Network’s networks of physicians and obtained images of patients undergoing radiation oncology and other highly sensitive data belonging to more than 75,000 individuals. It stole health records and demanded a ransom payment to decrypt and prevent files. From posting health data online. ®
