Investigating Partnership HealthPlan of California data breach claims
UPDATE: The Lyon Firm has filed a class action complaint against Healthplan of California on behalf of plaintiffs who allege the company failed to protect their sensitive protected information, placing them at risk of identity theft and fraud.
The Lyon Firm is actively involved in personal privacy and data theft cases and is currently investigating Partnership HealthPlan of California data breach claims.
The Hive ransomware group, a well-known ransomware group who has taken responsibility for several high-profile cyberattacks, recently posted on its site that it has stolen 850,000 patient records from the Partnership HealthPlan of California.
Although, the post from the ransomware group has not yet been confirmed, data privacy advocates are taking the news seriously and urging Partnership HealthPlan of California patients to begin preparing for a possible data theft incident.
What Do We know About the California Security Breach?
The Partnership HealthPlan of California website says they have been “experiencing technical difficulties,” including a “disruption to certain computer systems.” The organization’s phone systems have the following automated message playing: “all of our systems are down, with no expected time of repair.”
The ransomware group says it has 400GB of stolen files in its possession, including information such as names, Social Security numbers and addresses. The official notice, shown above, also confirms that Social Security numbers, dates of birth and various medical information was leaked.
Partnership HealthPlan of California has not issued an official data breach statement, however it has issued a warning regarding unusual activity on its computer systems.
Hive has targeted the healthcare industry in the past, with 2021 ransomware attacks on Memorial Health System in Ohio and Johnson Memorial Health in Indiana.
Hundreds of hospitals and healthcare entities across the nation have suffered data breaches in the last couple of years and have spawned dozens of class action lawsuits that seek to compensate victims for the damage and stress it has caused in their lives. If you have received a data breach notification letter, contact a data privacy lawyer to review.
Joe Lyon is a highly-rated data breach lawyer and Privacy Attorney representing plaintiffs nationwide in class action security breach lawsuits.
What Should I Do Following a Data Breach?
Regardless of the reason for a security breach, victims have the right to file a claim against a company for failing to protect their information. All companies and organizations must exercise reasonable care in protecting patient information, and if they do not, they can be held liable for the damages that result, including identity theft.
Security breach plaintiffs and privacy attorneys representing plaintiffs have been able to settle multi-million dollar recoveries. If you or a loved one has received notice of a data breach affecting you, or suspect signs of identity theft, contact a data theft lawyer for a free consultation.
If you want more information on current data breach litigation and how to file a data theft class action lawsuit, contact The Lyon Firm for a free and confidential Partnership HealthPlan of California case review.
How Do Data Breaches Occur?
A data breach typically occurs in malware, phishing attacks or ransomware attacks when a hacker or cybercriminal gains access to sensitive personal information that has been collected and stored on a company’s servers. Hackers often target organizations with weak or outdated security practices.
Once the information is obtained, it can be sold to third parties to use in identity theft or other fraudulent data theft schemes. Victims of data breaches are at an increased risk of identity theft and financial losses.
If you have received a letter about a recent data breach, contact a class action privacy attorney.
Data Theft Lawyers believe companies who collect and store personal data have an ethical and legal duty to protect it to prevent data theft. Creating a proper network security system is expensive, however, and many medical facilities attempt to bypass these necessary costs. If a hospital or health entity fails to protect consumers’ and patients’ sensitive information, and data is stolen, they may be held liable.
The Lyon Firm encourages all potentially affected individuals in the security breach to act quickly and remain vigilant against potential medical identity theft and fraud by reviewing account statements, medical bills and credit reports. Contact a privacy attorney to review your case.
What to do if You are a Victim of a Data Breach?
After your data is stolen, you may always be at risk for future identity theft and fraud. But, you can protect yourself with identity theft coverage and subscribing to an ID Theft Recovery service.
It’s important to stay alert and watch for signs of illegal activity that uses your accounts. If you happen to see unusual activity, take the appropriate actions described above to help protect yourself. If you want more information on what to do when a data breach impacts you, call The Lyon Firm or visit the FTC identity theft website.
Remember that you are not the only victim of a data breach. There are millions of Americans who suffer from data privacy events, many of whom seek legal action for compensation and to hold companies accountable for negligent security systems.
Healthcare Security Breach
The rise of healthcare hacks have left millions of patients vulnerable to stolen medical records and identity theft. The vast majority of hospitals and health insurance companies have reported medical record data breaches, and although it is unknown what can be done with medical data, patient’s financial data and personal information can easily be used in nefarious ways.
With the rise of electronic medical data storage in place of old paper files, there are more and more instances of healthcare related security breach incidents and subsequent class action lawsuits.
Can You Sue for a Data Breach?
Entities that collect and store data have a duty to protect personal information to the best of their ability. When they are negligent, and a data theft incident occurs, they may be liable for the following:
Improperly monitoring data security systems for existing intrusions
Not ensuring that vendors with access to computer systems and data employ reasonable security procedures
Improperly training employees in handling emails containing personal data and maintain adequate email security practices
Failure to implement technical policies and procedures to allow electronic data access only to individuals or software programs granted access rights
Failure to implement procedures to review records of information system activity regularly, such as audit logs, access reports and security incident tracking reports
Improperly protecting against reasonably anticipated threats or hazards to the security or integrity of stored data
An experienced class action privacy attorney can determine if you are eligible to file a data breach lawsuit or join a class of plaintiffs. Lawyers investigating the matter can assist in determining the following:
Did Partnership HealthPlan of California fail to adopt security safeguards that would have prevented a breach?
Did Partnership HealthPlan notify customers as soon as it learned of the incident?
Did Partnership HealthPlan provide a complete list of all individuals impacted?
Did Partnership HealthPlan provide security in line with industry standards?
CONTACT THE LYON FIRM TODAY
Please complete the form below for a FREE consultation.
ABOUT THE LYON FIRM
Joseph Lyon has 17 years of experience representing individuals in complex litigation matters. He has represented individuals in every state against many of the largest companies in the world.
The Firm focuses on single-event civil cases and class actions involving corporate neglect & fraud, toxic exposure, product defects & recalls, medical malpractice, and invasion of privacy.
NO COST UNLESS WE WIN
The Firm offers contingency fees, advancing all costs of the litigation, and accepting the full financial risk, allowing our clients full access to the legal system while reducing the financial stress while they focus on their healthcare and financial needs.
Compensation for Victims
Can I Sue a Company for Releasing my Personal Information?
Without data breach class actions, large corporate defendants would be able to cause small amounts of harm over a large group of individuals without any risk of monetary penalty.
Holding companies accountable for poor cybersecurity and data theft incidents helps ensure that consumers are better protected in the future.
Under current privacy law the firm or organization that is storing user data are responsible for data theft incidents and will pay any fines or damages that are the result of legal action. The actual data holder—an organization that provides cloud storage—is not usually legally implicated or held responsible in litigation.
The majority of online privacy incidents are due to negligent or ineffective network security. Outside threats pose personal data risks for consumers, though there is also a risk with internal security and a cloud-based data network. Some common ways data can be compromised include:
A Class Action is a lawsuit brought by an individual on behalf of all other similarly situated individuals. Rule 23 of the Federal and State Rules of Civil Procedure allows for Class Action lawsuits to resolve disputes in an efficient format.
Class Actions are typically filed when the amount of money in dispute for a single plaintiff would not justify litigating the case, but where the amount of damages of the entire class of Plaintiffs would justify the cost of litigation. Without class actions, large corporate defendants would be able to cause small amounts of harm over a large group of individuals without any risk of monetary penalty.
In order for a case to be certified as a Class Action, the Court must determine that the case is appropriate for class action treatment under Rule 23. There are different elements depending on whether the case is seeking monetary or injunctive relief. In general, the Court must find the following elements are satisfied:
Numerosity: The proposed class must be so numerous that simply joining the individual plaintiffs would be impractical. Generally, the class size should exceed 100 individuals.
Common Questions of Law or Fact: The facts and/or legal questions in the dispute must be common to all class members. This does not mean all facts or issues must be identical, but the primary facts and law that will determine the issue in dispute must be common among all class members.
Typicality: The named Plaintiff in the case must have the same facts and legal issues as the class they are proposing to represent. If the Plaintiff’s individual case involves issues of fact or law unique to that Plaintiff and are irrelevant to the ultimate issue, class certification may be denied by the Court.
Plaintiff/Counsel Adequately Represents the Class: The Court must find that the Plaintiff and Plaintiff’s Counsel are competent and will protect the class’ interests.
Predominance: Common questions of fact predominate over individual facts.
Superiority: The Class Action is a more efficient and fair means of resolving the dispute. The Court will look at the following factors when making this determination: (1) Class Member interest in maintaining a separate action; (2) the extent of any litigation already begun by other class members; (3) desirability or undesirability of litigating the case in a particular Court ; (4) difficulties in managing the class.
protect your personal data
What should you do following a data breach?
Have you received a notification letter indicating your personal information may have been compromised? Following an incident, victims should consider talking to a legal expert, and move quickly to take the following steps to help prevent identity theft and fraud:
Confirm the data breach by contacting the “breached” company
Learn exactly what kind of personal data was compromised
Monitor your accounts for fraudulent activity
Change your logins and passwords
Keep a detailed record of suspicious activity
Contact your bank and cancel credit cards if they have been leaked