Skip to main content

Netgain Data Breach Lawsuits

Thank you for considering The Lyon Firm. At this time, we are not accepting plaintiffs related to this specific consumer issue. However, if you would like to be contacted in the future, please complete the contact form. By completing the form you will be contacted if the Firm begins accepting new cases on this matter, and you will also be included in firm news alerts related to important consumer safety and privacy issues to help keep you informed about related issues.

The Netgain data breach incident has affected hundreds of thousands of individuals, leading to several class action lawsuits to be filed on behalf of the data theft victims. The ransomware cyber-attack targeted the cloud hosting and IT services provider late last year, when Netgain was forced to take some data centers offline.

Netgain provides IT and cloud services to several healthcare organizations, including Woodcreek Provider Service/ MultiCare Health System as well as Apple Valley Clinic/Allina Health. Woodcreek Provider Services, based in Washington, reported 207,000 patients affected and Apple Valley Clinic/Allina Health, out of Minnesota, reported around 157,000 individuals affected.

Netgain notified their clients that protected health information of patients was compromised when unauthorized individuals accessed their networks. Personal data that may have been stolen includes:

  • Names
  • Addresses
  • Medical record numbers
  • Dates of birth
  • Social security numbers
  • Health insurance policy and identification numbers
  • Clinical notes
  • Laboratory reports
  • Immunization information & vaccine records
  • Invoices
  • Correspondence with patients
  • Student identification numbers
  • Bank account numbers
  • Employment-related documents
  • Benefit and tax forms
  • Employee health information
  • Medical records

Netgain has since added security enhancements within its network to help prevent future threats, but attorneys say the damage has already been done. When data is leaked, it can remain on the dark web forever, and may fall into the hands of bad actors who use various data in fraudulent schemes.

Netgain Data Breach & Cloud Data Theft Incidents

Cloud vendors like Netgain may be an increasingly attractive target for cyberattacks and ransomware events, putting millions of Americans at risk. Companies, however, should be aware of the cybersecurity risks, and have a duty to protect customer data.

Clouds hold vast amounts of personal data that has become very valuable on the black market, and health data is particularly of interest to some cybercriminals. With every successful ransomware attack on a healthcare entity, there will be more and more attempts to duplicate the hack with a similar target.

Thus, companies like Netgain, who promise clients to protect data privacy, must understand the importance of a strong system security program. Some cloud services companies say they are not responsible for the data their clients store within their cloud services, but some experts and data privacy attorneys tend to disagree. Both a third-party, contracted cloud service vendor and an individual healthcare entity are responsible for protecting and securing stored personal health data.