Jessica M. Semins  |  June 8, 2022

Category: Legal News

Top Class Actions’s website and social media posts use affiliate links. If you make a purchase using such links, we may receive a commission, but it will not result in any additional charges to you. Please review our Affiliate Link Disclosure for more information.

healthcare data breach hacker

When you seek medical attention, you supply the healthcare entity with a wide range of personal and financial information. Additionally, you also trust that the provider will safeguard the confidential health information documented in connection with your visit.

Although federal HIPAA regulations and state laws are in place to protect your medical records from wrongful disclosure, unfortunately they don’t always prevent cybercriminals from accessing medical records that are stored electronically.

Significantly, there were more than 600 health care related data breaches in 2020, affecting nearly 29 million medical records.

What information can cybercriminals obtain by accessing health records?

Medical records contain many personal identifying characteristics for individuals, including social security numbers, credit card information, addresses, telephone numbers, family history, physical descriptors, and sometimes even photos. Critically, the value of a medical record to a cybercriminal is dependent upon how much information is included. In some cases, a single medical record can be sold on the dark web for up to $1,000.

Stolen medical records are used by cybercriminals to submit fraudulent medical claims, acquire controlled substances, create false identities, and for ransomware or extortion purposes. Unlike identity theft involving banking information in which you can obtain a new account number or social security number if your data has been compromised — your medical history cannot be changed.

Critically, it is also typically much longer before a health care security breach is uncovered, compared with a breach associated with stolen banking or credit card information. This can lead to even more personally identifiable information being stolen over an extended period of time.

What healthcare entities can be affected by a data breach?

Regardless of the precautions that are taken to protect electronically stored patient information, any healthcare entity can be affected by a data breach. Over the last few years, the records at countless hospitals, laboratories, dental offices, rehabilitation centers, and nursing homes may have been subject to cyberattacks.

There have even been instances in which healthcare-related apps have been breached due to weak encryption or security flaws. In fact, according to healthcareglobal.com, 85% of COVID-19 tracking apps were found to have leaked data.

doctor or nurse inputing patient information on the UCLA Health computer networkIn some cases, it is not always the computer system at the healthcare facility itself that has been breached. With the increased use of electronic medical records throughout the last decade, many medical entities use cloud-based storage. Effectively, if a hacker is able to gain access to the information stored by a cloud provider, the medical records at dozens of facilities can be stolen.

This was the case in the biggest healthcare breach in 2020 — the Blackbaud security breach. In this cyberattack, the medical records of more than 10 million patients at 22 different institutions were exposed during a data breach that continued for a month until the incident was detected. Not only were the medical records of those who treated at facilities that used the cloud-based provider compromised, but the bank account numbers of at least 10% of the patients were also breached.

What can you do if you were affected by a healthcare data breach?

If you were made aware that your personal identifying information was compromised by a data breach due to a healthcare facility’s failure to take proper cybersecurity measures, you may be able to take legal action. An experienced attorney can best advise whether you have a claim and might be entitled to recovery by filing a data breach lawsuit.

Join a Florida College Fees Refund Class Action Lawsuit Investigation

If you were affected by a data breach, you might be eligible to join or file a class action lawsuit. 

Click on the button below to see if you qualify for a free lawsuit claim review. 

We tell you about cash you can claim EVERY WEEK! Sign up for our free newsletter.


20 thoughts onHealthcare data breaches: what you need to know

  1. Shareignia Pugh says:

    ADD ME PLEASE

  2. Antoinette says:

    Received a letter for myself and my husband the our records were exposed due to breach from DuPage Medical Group. Please add.

    1. Pearl hetzel says:

      Please add me

  3. Renae Craine says:

    Add me please

  4. Michelle says:

    In car accident, in hospital, day getting home, a company called to verify I purchased a $400 ladies belt, we said not, called police, they know where the item for shipped to, they have my info social security everything. We had to put fraud safety and still have that on, so now ever time I try and apply for anything it takes longer because I have to keep that safety, it’s a constant worry for me. And constant pain. Add me

  5. Tamara Reese says:

    Add me

  6. Shawna says:

    Add me please

Leave a Reply

Your email address will not be published. By submitting your comment and contact information, you agree to receive marketing emails from Top Class Actions regarding this and/or similar lawsuits or settlements, and/or to be contacted by an attorney or law firm to discuss the details of your potential case at no charge to you if you qualify. Required fields are marked *

Please note: Top Class Actions is not a settlement administrator or law firm. Top Class Actions is a legal news source that reports on class action lawsuits, class action settlements, drug injury lawsuits and product liability lawsuits. Top Class Actions does not process claims and we cannot advise you on the status of any class action settlement claim. You must contact the settlement administrator or your attorney for any updates regarding your claim status, claim form or questions about when payments are expected to be mailed out.