A data breach has been reported involving Bricker & Eckler, the Columbus, Ohio law firm that represents TriHealth. A statement from both companies indicates that some 430,185 people may have been affected nationwide, including the leak of 1,700 Social Security numbers of employees and patients.
Bricker & Eckler was the target of a late January ransomware attack, but it wasn’t until April that TriHealth’s patients were notified. Personal data compromised in the hack includes names, addresses, medical information, driver’s license numbers, and some social security numbers. No further data was accessed from TriHealth the servers, according to a company statement.
Bricker & Eckler has access to the TriHealth client personal information for professional use. Unauthorized individuals gained access to Bricker’s internal systems in January, stealing spreadsheets with personal data.
Bricker & Eckler said it has bolstered its network security and is offering TriHealth patients a one-year identity protection service. But plaintiffs say this is not compensation enough for data that may never be retrieved, and victims may face an increased risk of identity theft.