Scripps Health Lawsuit – Data Breach of Medical Information

Consumer Protection Attorneys in California

Scripps Health was the victim of a cyberattack on April 29, 2021, in which threat actors used ransomware to encrypt the healthcare providers network and devices.

On May 1, 2021, Scripps Health identified unusual network activity. Scripps Health immediately initiated their incident response protocols, which included isolating potentially impacted devices and shutting off select systems.

Scripps Health also began an investigation with the assistance of computer forensic firms. The investigation determined that an unauthorized person gained access to their network, deployed malware, and, on April 29, 2021, acquired copies of documents on their system.

On May 10, 2021, Scripps Health discovered that some of those documents contained patient information.

With almost 3,000 affiliated physicians, the healthcare provider operates 5 hospitals and 19 outpost facilities. Scripps Health treats over 700,000 patients each year.

As a result of the attack, Scripps Health had to stop their IT systems, including public-facing portals such as MyScripps and Scripps.org, and hospitals in Encinitas, La Jolla, San Diego, and Chula Vista could no longer accept stroke or heart attack patients until the ransomware attack was resolved.

Following the ransomware attack, Scripps Health in San Diego has announced a data breach that exposed patient information.


Hackers Stole Patient Data During the Attack

On June 8, 2021, Scripps Health released an updated report on the attack and says that threat actors stole patient data during the attack.

“The investigation is ongoing, but we determined that an unauthorized person did gain access to our network, deployed malware, and, on April 29, 2021, acquired copies of some of the documents on our systems,” said an updated Scripps Health security incident notice.


Consumers Deserve the Highest Level of Security

While identity thieves are becoming more sophisticated at breaking through the data protection of businesses, it is the company’s responsibility to provide the highest level of security for their consumers.

This is especially true when medical information is involved. Medical information of the type lost here, is given special protection under California law.

***For those patients whose data was exposed, Scripps Health has begun mailing notification letters on June 1st, 2021.***

(858) 293-4614 Call now to review your case with our Data Breach intake specialist. During this call, our intake specialist will review your claim regarding Scripps Health Lawsuit. 

*HIPAA and CMIA Violations – You may be entitled to damages or other remedies. If you received notice that your information was stolen due to a data breach incident, contact Potter Handy, LLP to join our class action lawsuit. No out-of-pocket expenses from you.

View example of what the letter looks like. If you received this letter contact our Law Firm.


What Information Was Involved?

After investigating the stolen data, Scripps Health determined that the attackers stole personal information for certain patients.

Upon conducting a review of those documents, Scripps Health determined that one or more files may have reflected:

  • Your name
  • Address
  • Date of Birth
  • Physician Name
  • Date(s) of Service
  • Clinical Information
  • Treatment Information
  • Social Security Number
  • Medical Record Number
  • Patient Account Number
  • Driver’s License Number
  • Health Insurance Information

Contact Our California Data Breach Lawyers

Have you received notice that your information was stolen due to a data breach incident? If so, you may be entitled to damages or other remedies.

Every day, insurance companies and health care providers lose protected medical information through careless acts, such as emailing third parties’ medical information or sending your personal information to third parties without any encryption or protection.

Our attorneys at Potter Handy, LLP have been instrumental in protecting privacy rights.

***For those patients whose data was exposed, Scripps Health has begun mailing notification letters on June 1st, 2021.***

(858) 293-4614 Call now to review your case with our Data Breach intake specialist. During this call, our intake specialist will review your claim regarding Scripps Health Lawsuit