TMCnet News

Keller Rohrback Investigates Data Breach Involving More Than 3.7 Million Banner Health Patients, Customers and Physicians
[August 09, 2016]

Keller Rohrback Investigates Data Breach Involving More Than 3.7 Million Banner Health Patients, Customers and Physicians


Attorney Materials. Keller Rohrback L.L.P. is investigating recent reports of a large data breach arising from an attack on Arizona's largest healthcare provider, Banner Health. Reports indicate that approximately 3.7 million people including patients, health plan members, beneficiaries, food and beverage customers, and physicians may have had their information exposed when hackers originally accessed payment cards used at Banner Health food and beverage outlets. The breach reportedly spread from cardholder data to include patient and health plan information including patient names, addresses, birth dates, doctor and service information and possibly social security numbers.

This Smart News Release features multimedia. View the full release here: http://www.businesswire.com/news/home/20160809005428/en/

Reports indicate that approximately 3.7 million people including patients, health plan members, bene ...

Reports indicate that approximately 3.7 million people including patients, health plan members, beneficiaries, food and beverage customers, and physicians may have had their information exposed. (Photo: Business Wire)

According to Banner Health's website, cyber attackers gained unauthorized access to information stored on Banner Health's computer servers that process payment card data at certain Banner Health food and beverage outlets. It is believed that the original attack occurred on June 17, 2016 and various food outlets may have been affected between June 17, 2016 - July 7, 2016. Employees and patients were notified of the breach for more than a month later.

The cyberattack originally targeted payment card information including cardholder name, card number, expiration date and internal verification code as the data was being routed through the affected payment processing system/s. Later reports indicate that the hackers may have also accessed additional systems to include personal information such as patient names, birth dates, addresses, doctors' names, dates of service, claims information and possibly health insurance and social security numbers.

Banner Health owns and operates 29 hospitals in seven states including University Medical Center Phoenix, formerly Banner Good Samaritan Medical Center. Banner lists the following potentially affected food and beverage outlets:



Alaska: Fairbanks Memorial Hospital Café; Arizona: University Medical Center Phoenix Bistro, University Medical Center Tucson Healing Gardens, University Medical Center Tucson Main Campus, University Medical Center Tucson South Campus, Banner Baywood Medical Center Cafeteria, Banner Behavioral Health Hospital - Camelback Café, Banner Boswell Medical Center Lobby Latte, Banner Boswell Medical Center Culinary Services, Banner Casa Grande Medical Center Café, Banner Corporate Center - Mesa Bistro, Banner Corporate Center - Mesa Espresso, Banner Del E. Webb Medical Center - Daily Grind, Banner Desert Medical Center Bistro, Banner Estrella Medical Center Café, Banner Gateway (News - Alert) Medical Center - Canyon Café, Banner Heart Hospital Deli, Banner Ironwood Medical Center Café, Banner MD Anderson Cancer Center - Salt River Bistro, Banner Thunderbird Medical Center - Tbird Café; Colorado: Banner Fort Collins Medical Center Café, East Morgan County Hospital Bistro, McKee Medical Center Cafeteria, North Colorado Medical Center Bistro 1, North Colorado Medical Center Bistro 2; Wyoming: Community Hospital - Torrington Bistro.

"Banner Health's patient and client information should have received greater protection and notifications should have occurred immediately upon learning of this attack. There is a fundamental breakdown when accessed credit card information at a food outlet can lead to a hacker also accessing highly confidential patient information," said Keller Rohrback attorney Amy Hanson.


If you are concerned that your personal information was breached and would like to know more about your rights, please contact attorneys Cari Campen Laufenberg or Amy Hanson at (800) 315-0177 or via email at [email protected].

Keller Rohrback is a leader in representing patient, consumer and employee victims of data breaches. Keller Rohrback has a long track-record of success with data breach litigation, including the Ninth Circuit case Krottner v. Starbucks, where the court held that the theft of a laptop containing employees' personally identifiable information sufficed to confer Article III standing on plaintiffs.

The firm serves in leadership roles in the Sony Data Breach case, which recently received final settlement approval in the Central District of California, as well as in the VTech Electronics and Experian data breach cases. In addition, Keller Rohrback also represents plaintiffs in the Target consumer data breach litigation, as well as the data breach cases pending against 21st Century Oncology, Anthem Inc., Excellus BlueCross BlueShield, and Medical Informatics Engineering.

Keller Rohrback, with offices in New York, Seattle, Phoenix, Oakland, Ronan and Santa Barbara, serves as lead and co-lead counsel in class actions throughout the country. Our Complex Litigation Group is proud to offer its expertise to clients nationwide, and our trial lawyers have obtained judgments and settlements on behalf of clients in excess of seven billion dollars.

Attorney Advertising. Prior results do not guarantee a similar outcome.

Protecting your private information

The Federal Trade Commission provides information and tips on how to protect yourself against fraudulent credit card charges.

For immediate steps to repair identity theft, click here.

For information on how to keep your personal information secure, including securing your social security number, click here.


[ Back To TMCnet.com's Homepage ]