Sage Datko  |  January 28, 2020

Category: Data Breach

Top Class Actions’s website and social media posts use affiliate links. If you make a purchase using such links, we may receive a commission, but it will not result in any additional charges to you. Please review our Affiliate Link Disclosure for more information.

In December 2018, a misconfigured server led to a data breach at the University of Washington Medicine.

UW Medicine Server Error Exposed Data of 974,000 Patients

On Dec. 26, 2018, a patient of UW Medicine googled their own name and discovered a public file online containing their sensitive medical information. Concerned that the data was publicly available, the patient notified UW Medicine of the privacy violation. The medical center’s internal investigation determined that an employee error three weeks earlier left the data of nearly 1 million patients exposed. According to KIRO 7, a server had been misconfigured and the error had gone unnoticed until the patient discovered it.

UW Medicine officials claimed to have taken steps to remove the sensitive data from the internet. Since Google had already saved some of the files, UW Medicine worked with the search engine to expunge the saved data and prevent it from being accessed by the public. According to UW Medicine, all of the saved data was removed from Google by Jan. 10, 2019. However, the 974,000 patients whose data was accessible and exposed for most of the month prior may still be eligible to pursue compensation for this privacy violation. Patients whose data was affected by the UW Medicine breach may be notified by mail.

In addition to patient names, the data exposed in the breach included medical record numbers, lab tests, lab results, and information on research studies. No medical records, financial data, or Social Security numbers were exposed in the breach, according to UW Medicine.

A similar data breach at the facility in 2013 resulted in 90,000 patients’ Social Security numbers and medical data being compromised when an employee opened an attachment containing malware, or a virus. The malware infected the system used to store patient data. A lawsuit regarding the breach was settled for $750,000 in 2015.

Background on Medical Data Breaches

According to the tech security website SecurityBoulevard.com, healthcare data breaches in the U.S. cost about $4 billion in 2019. Approximately 93 percent of U.S. healthcare organizations have experienced a data breach in the past few years, putting millions of patients at risk of having their personal information  exposed to third parties. Many of the health care organizations involved in data breaches have experienced multiple attacks due to employee errors, malware, unsecured networks and other causes.

Patients whose personal medical records and other sensitive information have been exposed by data breaches may be subject to invasions of privacy, identity or financial theft, and other negative consequences.

If your personal medical information was exposed by the UW Medicine data breach or another medical center data breach, you may be eligible to hire an experienced attorney and file a class action lawsuit. Victims of these breaches may be able to recover financial compensation for these invasions of privacy.

Join a Free Hospital Ransomware Attack Class Action Lawsuit Investigation

If you were a patient at a hospital or healthcare facility affected by a ransomware attack that impacted your medical care, you may qualify to join a hospital ransomware attack class action lawsuit investigation.

Learn More

This article is not legal advice. It is presented
for informational purposes only.

We tell you about cash you can claim EVERY WEEK! Sign up for our free newsletter.


6 thoughts onUW Medicine Data Breach Exposes Info of 974,000 Patients

  1. jody ezell says:

    Please add me

  2. Lee Ann Clementson-Jarrett says:

    Please add me!

  3. Ali Alshihmani says:

    My info was part of the data breach, I got a letter in the mail. Please add me.

  4. MOLLY CLYNCH says:

    My info was part of the data breach, I got a letter in the mail. Please add me.

  5. CHRISTINA MORENO says:

    Pls add me

  6. LISA HAWKINS says:

    Please add me

Leave a Reply

Your email address will not be published. By submitting your comment and contact information, you agree to receive marketing emails from Top Class Actions regarding this and/or similar lawsuits or settlements, and/or to be contacted by an attorney or law firm to discuss the details of your potential case at no charge to you if you qualify. Required fields are marked *

Please note: Top Class Actions is not a settlement administrator or law firm. Top Class Actions is a legal news source that reports on class action lawsuits, class action settlements, drug injury lawsuits and product liability lawsuits. Top Class Actions does not process claims and we cannot advise you on the status of any class action settlement claim. You must contact the settlement administrator or your attorney for any updates regarding your claim status, claim form or questions about when payments are expected to be mailed out.