Skip to main content
Over a doctor’s shoulder we see a spreadsheet of medical data on a vulnerable hospital computer.

The Harris Center Data Breach Investigation

Thank you for considering The Lyon Firm. At this time, we are not accepting plaintiffs related to this specific consumer issue. However, if you would like to be contacted in the future, please complete the contact form. By completing the form you will be contacted if the Firm begins accepting new cases on this matter, and you will also be included in firm news alerts related to important consumer safety and privacy issues to help keep you informed about related issues.

The Lyon Firm is experienced in filing class action data breach lawsuits on behalf of plaintiffs nationwide. Anyone who has had their data stolen can file a claim and hold the responsible parties accountable for their IT security negligence. Contact our lawyers to file a Harris Center data breach claim. 

After learning about the MOVEit transfer data theft incident in August 2023, the Harris Center for Mental Health started sending out data breach notification letters to all impacted individuals. According to reports, almost 600,000 individuals linked to Harris may have had their personal information compromised in the attack. In total, tens of millions of individuals now have their data at risk over the MOVEit debacle.

MOVEit is a popular file transfer service used by government agencies, corporations, health care entities, and thousands of other organizations around the world. An unauthorized third party exploited a previously unknown vulnerability in MOVEit that allowed them to gain access to files on the MOVEit systems.

On August 9th,  The Harris Center completed a data breach review and determined that the documents compromised contained personal information that included name, address, date of birth, Social Security number, health insurance information, and protected health information.

On August 17th, The Harris Center began sending written notice to the individuals whose information could have been involved in this incident. All impacted can contact an attorney to discuss legal action, and possibly joining an existing class action lawsuit.

There is a HIPAA Breach Notification Rule that requires data breach notifications to be issued to the HHS “without unnecessary delay.” Data Privacy lawyers say there has been a trend for many impacted healthcare entities to wait too long before alerting affected individuals, a non-action that places consumers at a higher risk for identity theft and medical-related fraud.

Delays in sending out healthcare data theft notifications could mean individuals’ personal data lands in the hands of criminals months before victims can begin to protect themselves.

Call The Lyon Firm to discuss the MOVEit and Harris Center data breach incident. Learn more about your next steps and potential compensation for your losses.