(TNS) — A cyberattack reported in January by Group Health Cooperative, primarily based in Madison in south-central Wisconsin, affected 533,809 individuals, and the HMO advised federal regulators this week that it had no entry to stolen knowledge. stated it might embrace social safety numbers.
On Thursday, Madison legal professional Sam Strauss filed two class-action lawsuits in Dane County Circuit Court in opposition to Group Health over knowledge breaches.
One of the lawsuits, filed on behalf of Madison residents and Group Health sufferers Gabriela Jenich and Margaret Hetzler, alleges that Group Health didn’t use “cheap protections to guard affected person data.” The lawsuit accuses Group Health of negligence for failing to correctly reply to the breach. It defines group well being as clinics, pharmacies, and well being care suppliers.
Another lawsuit filed on behalf of senior resident Daniel Pearson is analogous, however defines group well being as a member-owned well being plan.
Group Health confirmed the unauthorized entry to its community on January 25, in response to an announcement launched by Group Health on Tuesday. The firm’s data know-how division secured its community and several other methods had been briefly unavailable.
The hacker tried to encrypt the corporate’s methods however was unsuccessful. Group Health reported the incident to his FBI and employed exterior companions to revive and confirm community safety and examine the assault.
On February 9, the corporate found proof that the attacker had copied a few of its knowledge, together with protected well being data. Stolen knowledge might embrace names, social safety numbers, addresses, telephone numbers, e mail addresses, dates of beginning or loss of life, group well being membership numbers, Medicare numbers, and Medicaid numbers.
“Our findings had been confirmed when the attackers, a overseas ransomware group, contacted (Wisconsin South Central Health Cooperative), claimed duty for the assault, and stole our knowledge.” stated in an announcement. “There isn’t any indication that the knowledge was used or additional disclosed.”
Representatives for Group Health declined Thursday to touch upon the lawsuit. Spokeswoman Kate McLaughlin stated the HMO has about 80,000 members, together with greater than 500,000 present and former sufferers of its suppliers.
Group Health stated it labored with the FBI and the U.S. Cybersecurity and Infrastructure Security Agency and took further steps to mitigate the harm. Potentially affected people, state and federal companies, and client reporting companies have been notified.
“To cut back the chance of one thing like this occurring once more, we have now strengthened safety measures throughout all of our methods and networks,” the HMO stated. “This consists of current controls, backing up knowledge, growing person coaching and consciousness, and different measures.”
If you could have any questions, please name Member Services at 800-605-4327. Anyone who might have been affected and didn’t obtain a notification letter ought to contact privateness@ghcscw.com or name 608-662-4899.
© 2024 Wisconsin State Journal (Madison, WI). Distributed by Tribune Content Agency, LLC.