Skip to main content
A woman purchases medications at a pharmacy counter, unaware that the data entered into the computer screen next to her could be compromised in violation of HIPAA regulations.

Tift Regional Health Data Breach Investigation

Thank you for considering The Lyon Firm. At this time, we are not accepting plaintiffs related to this specific consumer issue. However, if you would like to be contacted in the future, please complete the contact form. By completing the form you will be contacted if the Firm begins accepting new cases on this matter, and you will also be included in firm news alerts related to important consumer safety and privacy issues to help keep you informed about related issues.

Joe Lyon, an experienced data privacy lawyer, is investigating the Tift Regional data breach that has allegedly impacted tens of thousands of individuals. Former and current patients may have had personal information leaked after a ransomware incident in August of last year.

The Tift Regional Medical Center in Georgia has begun notifying over 180,000 patients of a data breach that compromised personal and protected health information.

The cyberattack was detected in August 2022 and according to the notification letter sent out, files may have been accessed or copied without authorization. The attack was conducted by the Hive ransomware group, and the group claimed to have stolen a trove of data, some of which was released on its data leak site.

What Personal Data was Compromised?

Impacted patients have been informed that the stolen files may have contained the following:

  • Names
  • Dates of birth
  • Social Security numbers
  • Medical information

The HIPAA Breach Notification Rule requires data breach notifications to be issued within 60 days of the discovery of a data breach, and the HHS was notified on time (October 14, 2022). However, Tift Regional did not explain in the notification letters why there was a delay in sending the notification letters.

Can I Join a Class Action Data Breach Lawsuit?

Your class action privacy attorney can determine if you are eligible to file or join a class of plaintiffs in a data breach lawsuit. Our lawyers can assist in determining the following:

  • Did Tift Regional Medical Center fail to adopt security safeguards that would have prevented a data breach?
  • Did Tift notify patients as soon as it learned of the incident?
  • Did Tift provide a complete list of all individuals affected?
  • Did the medical center initially provide security in line with industry standards?

Joe Lyon has litigated data privacy cases across the country and takes pride in representing plaintiffs to protect their rights and reach the largest settlement possible. Contact the firm for a free and confidential consult.