Judge Advises Dismissal of CommonSpirit Breach Lawsuit
p
Healthcare
Industry Specific
Legislation Litigation
ppA second federal judge has recommended the dismissal of a second proposed class action lawsuit against Catholic hospital chain CommonSpirit over a 2022 cyberattack and data breach that affected nearly 624000 people Both judges said the plaintiffs failed to show how they were harmed by the breachppSee Also NHS Ransomware Attack Healthcare Industry Infrastructures Are CriticalppUS Magistrate Judge Susan Proses recommendation on April 16 to dismiss the proposed class action lawsuit filed in April 2023 by plaintiff Bonnie Maser was based on the plaintiffs lack of Article III standing finding that Maser did not prove that recent bank fraud she suffered was tied to the CommonSpirit breachppThat decision is at least the second time a federal court has ruled to dismiss litigation filed against Chicagobased CommonSpirit related to the organizations October 2022 ransomware attack due to lack of standingppEarlier an Illinois federal judge in the consolidated case of two proposed class action lawsuits filed against CommonSpirit by lead plaintiffs Leeroy Perkins and Jose Antonio Koch dismissed that litigation in October 2023 because the plaintiffs lacked standing see CommonSpirit Facing 2 Proposed Class Actions Post BreachppFederal health data breach lawsuits typically fail because they lack standing said regulatory attorney Paul Hales of the Hales Law Group who is not involved in the CommonSpirit litigation ppStanding requires plaintiffs to allege facts claiming they suffered actual concrete harm because of the breach Claims of future speculative harm are insufficient to maintain a federal lawsuit he saidppIn the lawsuit recommended for dismissal last week plaintiff Bonnie Maser claimed that someone had looted her credit union account Hales said However the magistrate judge found the facts alleged in her lawsuit did not link that theft to the CommonSpirit data breach he saidppIn Masers case the judge has recommended the lawsuit to be dismissed because Maser did not allege concrete or imminent harm from the CommonSpirit data breach to support Article III standingppCommonSpirit did not immediately respond to Information Security Media Groups request for comment on the dismissed lawsuits or whether the organization faces any other pending federal or state litigation involving the cyberattackppDespite the rulings in the CommonSpirit cases other recent proposed class action suits in data security and privacy cases have succeeded in defeating defendants routine lackofstanding challenges Hales saidpp The impact on affected individuals facts of each case and lessons learned by the plaintiffs bar are factors in this success he saidppFor example in January a California federal judge denied for a second time Metas motion to dismiss consolidated class action litigation alleging that the social media giant unlawfully collected patient data from the websites of hospitals and other providers through the use of its Pixel tracking tool Hales said see Judge Denies Metas 2nd Try to Dismiss Pixel Privacy CaseppSome other health data breach lawsuits have ended with recent multimilliondollar settlements ppLaw group Orrick Herrington Sutcliffe earlier this month agreed to a 8 million proposed agreement with plaintiffs to settle four proposed consolidated class action lawsuits filed against the San Franciscobased firm last year in the wake of a March 2023 hacking incident that affected nearly 638000 individuals see Law Firm to Pay 8M to Settle Health Data Hack LawsuitppSubstantial class actions following major data breaches plague organizations in all industries Hales said Private plaintiffs have emerged as significant actors enforcing individual privacy rights Their lawsuits give data breaches additional publicity Like cybercriminals they highlight the need to strengthen data security he saidppThe defense bar is primed to fight lawsuits tenaciously Hales said However when reasonable defendants are more likely to settle cases with relative speed than just a few years agoppA report released this week by law firm BakerHostetler shows that data breach incidents even small ones are leading to litigation more frequently It says that in the 493 breach notifications issued in 2023 58 incidents resulted in one or more filed lawsuitsppCommonSpirit in an unaudited quarterly report issued on Feb 15 said its cyber incident had a 160 million adverse financial impact in fiscal 2023 exclusive of any potential insurancerelated recoveriesppThat financial fallout included lost revenue costs incurred to remediate the incident and other business expensesppThe organization is aware of lawsuits filed and proposed class actions against CommonSpirit regarding the cybersecurity incident There can be no assurances that the resolution of this matter will not affect the financial conditions of operations of CommonSpirit taken as a whole the report saysppThe October 2022 ransomware attack on CommonSpirit a nonprofit Catholic chain of 142 hospitals and nearly 2250 care sites across 24 states affected IT systems such as electronic health records access and caused other disruptions at several facilities across multiple states for several weeksppExecutive Editor HealthcareInfoSecurity ISMGppMcGee is executive editor of Information Security Media Groups HealthcareInfoSecuritycom media site She has about 30 years of IT journalism experience with a focus on healthcare information technology issues for more than 15 years Before joining ISMG in 2012 she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeeks healthcare IT media sitepp
ppCovering topics in risk management compliance fraud and information securityppBy submitting this form you agree to our Privacy GDPR StatementppwhitepaperppwhitepaperppwhitepaperppEndpoint SecurityppCyberwarfare NationState AttacksppCybercrimeppData Masking Information ArchivingppCybercrimeppContinue pp
90 minutes Premium OnDemand
ppOverviewppFrom heightened risks to increased regulations senior leaders at all levels are pressured to
improve their organizations risk management capabilities But no one is showing them how
until nowppLearn the fundamentals of developing a risk management program from the man who wrote the book
on the topic Ron Ross computer scientist for the National Institute of Standards and
Technology In an exclusive presentation Ross lead author of NIST Special Publication 80037
the bible of risk assessment and management will share his unique insights on how toppSr Computer Scientist Information Security Researcher
National Institute of Standards and Technology NISTppWas added to your briefcaseppJudge Advises Dismissal of CommonSpirit Breach LawsuitppJudge Advises Dismissal of CommonSpirit Breach Lawsuitpp
Just to prove you are a human please solve the equation
ppSign in now ppNeed help registering
Contact support
ppComplete your profile and stay up to dateppContact Support ppCreate an ISMG account now ppCreate an ISMG account now ppNeed help registering
Contact support
ppSign in now ppNeed help registering
Contact support
ppSign in now ppOur website uses cookies Cookies enable us to provide the best experience possible and help us understand how visitors use our website By browsing bankinfosecuritycom you agree to our use of cookiesp
Healthcare
Industry Specific
Legislation Litigation
ppA second federal judge has recommended the dismissal of a second proposed class action lawsuit against Catholic hospital chain CommonSpirit over a 2022 cyberattack and data breach that affected nearly 624000 people Both judges said the plaintiffs failed to show how they were harmed by the breachppSee Also NHS Ransomware Attack Healthcare Industry Infrastructures Are CriticalppUS Magistrate Judge Susan Proses recommendation on April 16 to dismiss the proposed class action lawsuit filed in April 2023 by plaintiff Bonnie Maser was based on the plaintiffs lack of Article III standing finding that Maser did not prove that recent bank fraud she suffered was tied to the CommonSpirit breachppThat decision is at least the second time a federal court has ruled to dismiss litigation filed against Chicagobased CommonSpirit related to the organizations October 2022 ransomware attack due to lack of standingppEarlier an Illinois federal judge in the consolidated case of two proposed class action lawsuits filed against CommonSpirit by lead plaintiffs Leeroy Perkins and Jose Antonio Koch dismissed that litigation in October 2023 because the plaintiffs lacked standing see CommonSpirit Facing 2 Proposed Class Actions Post BreachppFederal health data breach lawsuits typically fail because they lack standing said regulatory attorney Paul Hales of the Hales Law Group who is not involved in the CommonSpirit litigation ppStanding requires plaintiffs to allege facts claiming they suffered actual concrete harm because of the breach Claims of future speculative harm are insufficient to maintain a federal lawsuit he saidppIn the lawsuit recommended for dismissal last week plaintiff Bonnie Maser claimed that someone had looted her credit union account Hales said However the magistrate judge found the facts alleged in her lawsuit did not link that theft to the CommonSpirit data breach he saidppIn Masers case the judge has recommended the lawsuit to be dismissed because Maser did not allege concrete or imminent harm from the CommonSpirit data breach to support Article III standingppCommonSpirit did not immediately respond to Information Security Media Groups request for comment on the dismissed lawsuits or whether the organization faces any other pending federal or state litigation involving the cyberattackppDespite the rulings in the CommonSpirit cases other recent proposed class action suits in data security and privacy cases have succeeded in defeating defendants routine lackofstanding challenges Hales saidpp The impact on affected individuals facts of each case and lessons learned by the plaintiffs bar are factors in this success he saidppFor example in January a California federal judge denied for a second time Metas motion to dismiss consolidated class action litigation alleging that the social media giant unlawfully collected patient data from the websites of hospitals and other providers through the use of its Pixel tracking tool Hales said see Judge Denies Metas 2nd Try to Dismiss Pixel Privacy CaseppSome other health data breach lawsuits have ended with recent multimilliondollar settlements ppLaw group Orrick Herrington Sutcliffe earlier this month agreed to a 8 million proposed agreement with plaintiffs to settle four proposed consolidated class action lawsuits filed against the San Franciscobased firm last year in the wake of a March 2023 hacking incident that affected nearly 638000 individuals see Law Firm to Pay 8M to Settle Health Data Hack LawsuitppSubstantial class actions following major data breaches plague organizations in all industries Hales said Private plaintiffs have emerged as significant actors enforcing individual privacy rights Their lawsuits give data breaches additional publicity Like cybercriminals they highlight the need to strengthen data security he saidppThe defense bar is primed to fight lawsuits tenaciously Hales said However when reasonable defendants are more likely to settle cases with relative speed than just a few years agoppA report released this week by law firm BakerHostetler shows that data breach incidents even small ones are leading to litigation more frequently It says that in the 493 breach notifications issued in 2023 58 incidents resulted in one or more filed lawsuitsppCommonSpirit in an unaudited quarterly report issued on Feb 15 said its cyber incident had a 160 million adverse financial impact in fiscal 2023 exclusive of any potential insurancerelated recoveriesppThat financial fallout included lost revenue costs incurred to remediate the incident and other business expensesppThe organization is aware of lawsuits filed and proposed class actions against CommonSpirit regarding the cybersecurity incident There can be no assurances that the resolution of this matter will not affect the financial conditions of operations of CommonSpirit taken as a whole the report saysppThe October 2022 ransomware attack on CommonSpirit a nonprofit Catholic chain of 142 hospitals and nearly 2250 care sites across 24 states affected IT systems such as electronic health records access and caused other disruptions at several facilities across multiple states for several weeksppExecutive Editor HealthcareInfoSecurity ISMGppMcGee is executive editor of Information Security Media Groups HealthcareInfoSecuritycom media site She has about 30 years of IT journalism experience with a focus on healthcare information technology issues for more than 15 years Before joining ISMG in 2012 she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeeks healthcare IT media sitepp
ppCovering topics in risk management compliance fraud and information securityppBy submitting this form you agree to our Privacy GDPR StatementppwhitepaperppwhitepaperppwhitepaperppEndpoint SecurityppCyberwarfare NationState AttacksppCybercrimeppData Masking Information ArchivingppCybercrimeppContinue pp
90 minutes Premium OnDemand
ppOverviewppFrom heightened risks to increased regulations senior leaders at all levels are pressured to
improve their organizations risk management capabilities But no one is showing them how
until nowppLearn the fundamentals of developing a risk management program from the man who wrote the book
on the topic Ron Ross computer scientist for the National Institute of Standards and
Technology In an exclusive presentation Ross lead author of NIST Special Publication 80037
the bible of risk assessment and management will share his unique insights on how toppSr Computer Scientist Information Security Researcher
National Institute of Standards and Technology NISTppWas added to your briefcaseppJudge Advises Dismissal of CommonSpirit Breach LawsuitppJudge Advises Dismissal of CommonSpirit Breach Lawsuitpp
Just to prove you are a human please solve the equation
ppSign in now ppNeed help registering
Contact support
ppComplete your profile and stay up to dateppContact Support ppCreate an ISMG account now ppCreate an ISMG account now ppNeed help registering
Contact support
ppSign in now ppNeed help registering
Contact support
ppSign in now ppOur website uses cookies Cookies enable us to provide the best experience possible and help us understand how visitors use our website By browsing bankinfosecuritycom you agree to our use of cookiesp
