TMCnet News
CHS data breach spurs class-action lawsuit [The Times Leader, Wilkes-Barre, Pa. :: ](Times Leader (Wilkes-Barre, PA) Via Acquire Media NewsEdge) Aug. 26--WILKES-BARRE -- While no one from the Wyoming Valley has joined in, a federal class-action lawsuit has been filed against Community Health Systems (CHS) as a result of a data breach that affected 4.5 million patients. Five patients from Alabama filed the suit in the Northern District of Alabama on Aug. 20. The lawsuit alleges that CHS "did not provide adequate security measures to protect Plaintiffs' sensitive information." The lawsuit also alleges that CHS failed to notify patients of the breach in a timely manner, and "therefore, Plaintiffs were unable to take action to protect themselves from harm." No lawsuits against CHS referencing the data breach have been filed in the U.S. District Court for the Middle District of Pennsylvania or the Luzerne County Court of Common Pleas as of Tuesday afternoon. Representatives of CHS did not respond to requests for comment. Donald Stewart, an attorney at Stewart & Stewart, PC, one of the legal offices representing some of the five Alabama patients, could not be reached for comment. According to a report the company filed on Aug. 18 with the U.S. Securities and Exchange Commission, the attack took place in April and June. CHS and its forensic expert, Mandiant, believe that the attacker was an "advanced persistent threat" originating from China. The group allegedly used highly sophisticated malware and technology to attack the company's computer systems, and was able to bypass security measures to copy and transfer certain data from the company. The transferred information did not include any medical information or credit card information, but it did include names, addresses, birth dates, telephone numbers and Social Security numbers, CHS said. CHS officials believe the intruder was a foreign-based group out of China that was likely looking for intellectual property. "Limited personal identification data belonging to some patients who were seen at the Berwick Medical Professionals practices, Wilkes-Barre Academic Medicine Clinic, Wyoming Valley Surgical Associates, Wilkes-Barre Neurosurgical Associates, Scranton Clinic Company and Wilkes-Barre Clinic Company over the past five years was transferred out of our organization in a criminal cyber attack by a foreign-based intruder," CHS said in a statement. Tomi Galin, senior vice president of corporate communications and marketing for CHS, said identity theft protection and credit monitoring services are being offered free of charge to impacted individuals for one year. Patients who have been affected will receive a letter from their physician's office. A toll-free number (1-855-205-6951) has been set up to answer patients' questions. Based in Franklin, Tennessee, CHS owns or leases 206 hospitals in 29 states, including: Wilkes-Barre General Hospital; First Hospital in Kingston; Regional Hospital and Moses Taylor Hospital, both in Scranton; and Berwick Hospital and Tyler Memorial Hospital in Tunkhannock. In those hospitals, CHS spokeswoman Renita Fennick said there's a workforce of about 6,000. CHS has 20 affiliated hospitals across Pennsylvania, including in York, Philadelphia, Lancaster and Easton. ___ (c)2014 The Times Leader (Wilkes-Barre, Pa.) Visit The Times Leader (Wilkes-Barre, Pa.) at www.timesleader.com Distributed by MCT Information Services |