Fighting the good fight Nationally
Patients Sue DCH Health System Over Ransomware Attack
For years, cybercriminals have targeted local governments and organizations with ransomware attacks in order to gain access to private and sensitive data. Another often targeted sector for cyberattacks is the healthcare industry due to the plethora of personal data stored for each patient. Recently, four DCH Health System (DCH) patients filed a federal class action lawsuit alleging the Alabama Hospitals violated health information privacy laws and disrupted their medical care when the system was hit with a ransomware attack in October 2019.
The lawsuit alleges negligence, invasion of privacy, breach of contract, and breach of fiduciary duty after a large-scale ransomware attack shut down the three-hospital system to non-critical patients for 10 days. During this time, patients had to forego medical treatment due to an inability to access their own health information. The patients further allege DCH also violated federal medical privacy laws, known as the Health Insurance Portability and Accountability Act (HIPAA), as well as other laws governing medical records. The perpetrator of the ransomware attack gained access to medical records along with medical and billing information from the attack.
What Is A Ransomware Attack?
Ransomware is a type of malicious software that blocks users from accessing critical systems and data until a ransom is paid. It is frequently delivered through phishing emails. According to FBI statistics, in 2018 alone U.S. businesses paid out more than $3.6 million to hackers in these kinds of attacks. Cybercrime magazine Cybersecurity Ventures forecasts global ransomware damage costs will reach $20 billion by 2021. Despite these projections, the FBI still warns against paying ransoms because there is no guarantee the hacker will release the files once the ransom is paid.
Traditionally, cyberattackers distributed ransomware with the intent to reach as many users as possible, often targeting hundreds or even thousands of people with the malicious code. More recently, cybercriminals with increasingly sophisticated malware are moving toward more targeted ransomware attacks on victims with deep pockets, such as large companies and corporations.
When a ransomware attack targets a healthcare system, it impacts data, but more importantly, it exposes highly sensitive patient information. These attacks can disrupt patient services, create confusion, and in 2019 alone, forced several healthcare providers to temporarily shut down. Because of the nature of the data protected, the perception that healthcare providers are more likely to pay a ransom has led to an increase in active targeting of healthcare organizations.
Healthcare Privacy Lawyers
Were you a patient of a hospital or other healthcare facility that fell victim to a ransomware attack? Were your appointments canceled, records lost, or other medical care disrupted as a result? If you were a patient at a hospital or healthcare facility affected by a ransomware attack that impacted you, you may qualify to join one of our hospital ransomware attack class action lawsuits. Contact Whitfield, Bryson & Mason today for more information about how we can help.
Whitfield Bryson & Mason
Our trial lawyers were specifically chosen for the depth of their experience and the breadth of their knowledge. Among the group are attorneys who have been recognized for excellence by industry associations and have gained national recognition for significant victories in challenging cases.
John Whitfield has been significant in his management of a suit involving the death of my son in a motorcycle accident. His professionalism, compassion, support, and especially his knowledge base in this suit has been above reproach. He has communicated well and kept all parties apprised of the status of the suit. I feel he negotiated effectively to reach the best possible settlement for my son's estate. He certainly assures his clients are represented well. I am grateful for his successfully bringing this suit to a satisfactory conclusion. In short, John's expertise has been awesome.
I am very grateful to Gary Mason for taking the initiative in filing suit against the manufacturers of defective CSST pipe. I am sure that this successful litigation will now help Maryland homeowners become aware of the danger of old style CSST pipe and to let them know what steps they may take to protect themselves against those dangers. Who knows how many lives and homes may be saved as a result of his efforts. Thank you Gary Mason for your important work in this litigation. I enjoyed working with him on this effort.