Anne Bucher  |  July 8, 2022

Category: Data Breach

Top Class Actions’s website and social media posts use affiliate links. If you make a purchase using such links, we may receive a commission, but it will not result in any additional charges to you. Please review our Affiliate Link Disclosure for more information.

Hacker in Black Gloves Hacking the System. health care data breaches
(Photo Credit: Virrage Images/Shutterstock)

Health care data breaches overview:

  • Who: The Federal Bureau of Investigation, Treasury Department and Cybersecurity and Infrastructure Security Agency issued a joint alert warning health care organizations that they may be subject to sanctions if they pay ransoms following a cyberattack.
  • Why: The agencies say that North Korean actors may be responsible for the health care data breaches, and that health care organizations may face liability if they pay a ransom.
  • Where: The health care data breaches have affected multiple organizations in the U.S.

In a joint alert, the Federal Bureau of Investigation (FBI), Treasury Department and Cybersecurity and Infrastructure Security Agency (CISA) warned that North Korean groups have been responsible for multiple health care data breaches.

The agencies say that the state-sponsored actors used ransomware dubbed “Maui” to encrypt servers that store sensitive information such as health records, diagnostics and imaging and demand ransoms to restore access to the data.

Health care organizations that are found to pay ransoms to the North Korean groups listed on the Treasury’s Office of Foreign Assets Control sanctions list may face liability, the agencies warn.

At the same time, the North Korean groups are expected to continue their health care ransomware attacks.

“The North Korean state-sponsored cyber actors likely assume health care organizations are willing to pay ransoms because these organizations provide services that are critical to human life and health,” according to the joint alert. “Because of this assumption, the FBI, CISA and Treasury assess North Korean state-sponsored actors are likely to continue targeting [healthcare] organizations.”

Agencies urge organizations not to pay ransoms if affected by health care data breaches

The FBI, Treasury and CISA urge health care organizations to protect their sensitive data by using encryption, limiting access, monitoring devices for signs of compromise and regularly reviewing internal policies regarding the handling of sensitive health information.

Health care organizations that have already been hit with a ransomware attack should scan their backup data with a trusted antivirus program to ensure that it is not infected with malware and report the ransomware incident to the FBI, CISA or U.S. Secret Service.

The agencies “strongly discourage paying ransoms” because payment does not ensure that the data will be recovered. Paying ransoms may also pose sanctions risks, the agencies warn.

Recent health care data breaches spur class action lawsuits

There have been several recent reports of health care data breaches that have compromised the data of numerous patients. SuperCare Health and South Shore Hospital are both facing data breach class action lawsuits alleging they failed to adequately protect private information from hackers.

On June 3, Kaiser Permanente announced that it was affected by a health care data breach that exposed the health information of more than 69,000 patients.

If your information was compromised as a result of a hospital data breach, you may qualify for a health care data breach class action lawsuit claim review.


Don’t Miss Out!

Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!


Read About More Class Action Lawsuits & Class Action Settlements:

We tell you about cash you can claim EVERY WEEK! Sign up for our free newsletter.

Leave a Reply

Your email address will not be published. By submitting your comment and contact information, you agree to receive marketing emails from Top Class Actions regarding this and/or similar lawsuits or settlements, and/or to be contacted by an attorney or law firm to discuss the details of your potential case at no charge to you if you qualify. Required fields are marked *

Please note: Top Class Actions is not a settlement administrator or law firm. Top Class Actions is a legal news source that reports on class action lawsuits, class action settlements, drug injury lawsuits and product liability lawsuits. Top Class Actions does not process claims and we cannot advise you on the status of any class action settlement claim. You must contact the settlement administrator or your attorney for any updates regarding your claim status, claim form or questions about when payments are expected to be mailed out.