Joanna Szabo  |  August 28, 2020

Category: Data Breach

Top Class Actions’s website and social media posts use affiliate links. If you make a purchase using such links, we may receive a commission, but it will not result in any additional charges to you. Please review our Affiliate Link Disclosure for more information.

R1 RCM targeted by ransomware.

A major ransomware attack recently targeted the R1 RCM and may have exposed countless patients’ information from medical facilities. Those whose information was exposed may be able to file or join an R1 RCM lawsuit.

The ransomware was released into R1 RCM’s systems in mid-August, at about the same time the company released its second quarter financial results for 2020, though it is unclear when exactly the networks were first breached. The R1 RCM ransomware attack may affect the sensitive information of tens of millions of patients across the country.

What Does R1 RCM Do?

R1 RCM is a medical debt collection company that offers Revenue Cycle Management services to hospitals, health systems, and physician groups alike. Essentially, this means that the company works with these healthcare organizations to provide debt collection for medical bills, and provides services throughout the entire revenue cycle for patient care, from when an appointment is made to when payment is successfully collected.

R1 RCM is a large Chicago-based company that employs more than 19,000 workers. R1 RCM works with more than 750 healthcare and related companies to provide debt collection for medical bills, including hospitals, entire health systems, and more—meaning that it has a huge amount of patient data. Indeed, R1 RCM is one of the largest medical debt collection companies in the United States.

What Is a Ransomware Attack?

A ransomware attack is a targeted malware attack that holds an organization’s files or systems hostage through encryption technology until the organization pays a demanded ransom.

In the healthcare industry, a ransomware attack might target an essential system like the electronic health record (HER), encrypting it and preventing a hospital or health system from being able to access the system without first paying a ransom.

Ransomware is commonly spread through phishing emails or by visiting an infected website. While it’s simple to accidentally expose a system to ransomware—simply by clicking a link from an untrustworthy source—recovery from such an attack can be a long, arduous process.

Like with any ransom agreement, paying the ransom is not actually a guarantee that access will actually be restored. Those who would employ ransomware in the first place aren’t necessarily going to follow through with their side of a ransom agreement. In fact, the FBI “does not support paying a ransom in response to a ransomware attack.” There have reportedly been instances in which, after an organization paid the ransom demanded by a ransomware hacker, the hacker never gave a decryption key back to the organization in return. The FBI further notes that when an organization agrees to pay a ransom to cyber criminals, it can incentivize these hackers and others toward this kind of illegal behavior.

R1 RCM targeted by ransomware.Ransomware Attack Statistics

Since 2016, a total of nearly seven million patients have been affected by hospital ransomware attacks, according to a recent report from the cybersecurity company Comparitech. The report notes that these hackers have demanded large ransoms for a total of more than $16 million. Of these ransom demands, the hackers have collectively received at least $640,000.

However, the actual cost of these attacks is actually much higher—estimated at approximately $157 million.

The targets of these attacks tend to be large organizations that may have access to a wide range of critical information. Many ransomware attacks have specifically targeted hospitals, as well as other major organizations like schools and cities.

At least 41 hospitals and healthcare organizations reported being targeted by successful ransomware attacks in just the first half of 2020.

What Can You Do if You Were Affected by the R1 RCM Ransomware Attack?

R1 RCM services more than 750 companies offering debt collection for medical bills. The company has access to tens of millions of patients’ information.

Information that may have been compromised in this ransomware attack includes:

  • Legal names
  • Dates of birth
  • Social Security numbers
  • Billing information
  • Medical diagnostic data
  • More

After having your information exposed in this kind of attack, it is important to change passwords, keep an eye on your bank statements, and check your credit report. If anything indicates an issue with identity theft, report this immediately.

How Did R1 RCM Respond?

Since the initial ransomware attack, R1 RCM has acknowledged that it took down its systems in response. Beyond that basic information, however, the company has declined to further elaborate on the attack.

Indeed, R1 RCM has not discussed any real specifics of the ransomware attack, including things like what kind of ransomware was used or how their networks became compromised in the first place. However, KrebsOnSecurity reports that the malware used in this particular ransomware attack is known as Defray, a type of ransomware spread through phishing emails. These emails contain a malicious file that, once opened, will encrypt system files.

This is not actually the first time the major debt collecting company has been involved in data-related hacks. In July 2011—when R1 RCM was known as Accretive Health—the company settled with the Federal Trade Commission (FTC) after failing to “adequately protect consumers’ personal information.” In the data breach, approximately 23,500 patients and their sensitive data were compromised.

Should You File a R1 RCM Lawsuit?

A growing number of people are turning to litigation over ransomware attacks. Some ransomware lawsuits have ended in significant settlements. Indeed, Banner Health agreed to a $6 million settlement over a 2016 hospital data breach issue that affected the Personal Identifiable Information of 2.9 million people.

If you were a patient at a hospital or healthcare facility affected by the R1 RCM ransomware attack, you may be able to join an R1 RCM lawsuit and pursue compensation. Filing an R1 RCM lawsuit can be a daunting prospect, so Top Class Actions has laid the groundwork for you by connecting you with an experienced attorney. Consulting an attorney can help you determine if you have a claim, navigate the complexities of litigation, and maximize your potential compensation.

Free R1 RCM Ransomware Attack Class Action Lawsuit Investigation Evaluation

Check with your doctors’ offices and hospitals to see if R1 RCM is involved in your medical billing process. If so, you may qualify to join a healthcare medical debt collection ransomware attack class action lawsuit investigation.

Get a Free Case Evaluation

This article is not legal advice. It is presented
for informational purposes only.

We tell you about cash you can claim EVERY WEEK! Sign up for our free newsletter.


4 thoughts onWere You Affected by the R1 RCM Ransomware Attack? 

  1. Patricia S Baraty-Miller says:

    I don’t know if I have or have not so if so add me

  2. Cassandra says:

    Add me please my system was hacked when I went into my mercy hospital patient portal

  3. ROBERT J GOUDIN says:

    add me please

  4. Van Farner says:

    A healthcare facility was held ransom. Someone filed a class action settlement. My personal information was in this system. They are asking if I want to be part of settlement. I have to exclude myself if I don’t or I will have know chance of getting anything on down the line. Or file a claim by filling out a claim form. But they ask for a settlement Claim ID and there isn’t one. What should I do.

Leave a Reply

Your email address will not be published. By submitting your comment and contact information, you agree to receive marketing emails from Top Class Actions regarding this and/or similar lawsuits or settlements, and/or to be contacted by an attorney or law firm to discuss the details of your potential case at no charge to you if you qualify. Required fields are marked *

Please note: Top Class Actions is not a settlement administrator or law firm. Top Class Actions is a legal news source that reports on class action lawsuits, class action settlements, drug injury lawsuits and product liability lawsuits. Top Class Actions does not process claims and we cannot advise you on the status of any class action settlement claim. You must contact the settlement administrator or your attorney for any updates regarding your claim status, claim form or questions about when payments are expected to be mailed out.