Top Class Actions’s website and social media posts use affiliate links. If you make a purchase using such links, we may receive a commission, but it will not result in any additional charges to you. Please review our Affiliate Link Disclosure for more information.
Ransomware Overview
Ransomware is a type of malicious software which, when installed on computers, can threaten the functionality of entire servers and systems. This malware may be embedded in something simple like an email, taking only one click to infest the entire computer system. Hackers then have the opportunity to hold a server hostage, which is where the “ransom” portion of ransomware comes in. Unless businesses pay a large sum, hackers threaten to publish confidential data or block access to vital services.
These attacks may affect any organization with important information, including governments, law enforcement, healthcare, infrastructure, and more.
Unfortunately, these attacks are only becoming more common. Recorded Future, a cybersecurity firm, told CNN that the numbers speak for themselves. Last year, the firm reportedly tracked 85 ransomware attacks. In this year alone, there have reportedly been 140 attacks – representing a 65 percent increase from last year.
Is Ransomware Legal?
Ransomware attacks are illegal and often involve investigation and persecution by federal authorities. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) is one authority that works to prevent and manage cybersecurity threats such as ransomware attacks.
CISA says that, in order to avoid ransomware attacks, businesses should make sure they keep their systems up to date, avoid clicking on suspicious links or attachments, backup data regularly, and configure security measures to protect their systems.
Unfortunately, businesses may not follow these relatively simple recommendations. Some consumers argue that businesses have a duty to protect user information and prevent harmful ransomware attacks through strict precautions. Businesses who fail to take these measures and fall victim to a ransomware attack may find themselves faced with angry consumers and even legal action alleging negligence.
Hospital Ransomware Legal Action
Consumers have taken legal action against hospitals which have been subject to ransomware attacks. When ransomware affects hospital systems, health care is often disrupted. Recently, the following healthcare facilities have been victim to attacks:
- DCH Regional Medical Center (Alabama)
- Northport Medical Center (Alabama)
- Fayette Medical Center (Alabama)
- Park DuValle Community Health Center (Kentucky)
- Campbell County Health (Wyoming)
The facilities in Alabama have reportedly been forced to shut down almost entirely to the point of accepting only critical new patients. Although DCH Health Systems, the umbrella company owning all of the hospitals, has paid the ransom, they reportedly do not have their systems up and running.
As a result of these and other ransomware attacks, patients have allegedly had their medical care disrupted. Some consumers reportedly had appointments cancelled or rescheduled while others had their medical records deleted. Although the hospitals are not the perpetrators of the attacks, some argue that they are also to blame for the hassle and stress consumers are facing.
In January 2018, orthopedic provider Surfside Non-Surgical Orthopedics filed a class action lawsuit against Allscripts Healthcare Solutions Inc. following a ransomware attack on the company. Surfside Orthopedics claimed that Allscripts’ negligence made it vulnerable to the malware attack. The attack allegedly made it impossible for the sports medicine provider to access their patient records, forcing them to cancel appointments and lose out on revenue.
