Ransomware Cyberattack on the Lehigh Valley Health Network Lawsuit
Lehigh Valley Health Network had a data breach when a ransomware cyber attack took place in February of 2023. Oncological patients’ confidential data was stolen. Victims of the leak of the files filed a lawsuit against the LVHN. Hackers from the group BlackCat associated with Russia cyber-attacked the Lehigh Valley Health Network in Scranton, Pennsylvania. They demanded a ransom payment of $1.5 million dollars. The LVHN refused to pay, and the criminals stole oncological patients’ nude photos and medical data and published them on the dark web. These patients have a claim against LVHN for data security negligence. If you had your data breached, call a Lehigh Valley Health Network data breach attorney at the Trapani Law Firm for a free consultation in Scranton PA or Allentown PA.
The Lehigh Valley Health Network (LVHN) was sued over its recent BlackCat ransomware attack. The lawsuit claims that the health network failed to protect sensitive information about patients. LVHN, located in Scranton, Pennsylvania, was cyber-attacked by a ransomware gang ALPHV. The group is also known as BlackCat and is associated with Russia. They became recognizable for similar cyberattacks on parties associated with healthcare providers and the academia sector previously.
The cyber attack on LVHN occurred in February 2023 and led to a terrible data leak to the internet. The real victims of this devastating criminal act were cancer patients receiving treatment. The group ALPHV had stolen their private and confidential files, including nude photos, passports, and medical data. BlackCat members blackmailed the Lehigh Valley Health Network by publishing a message. They said they have all those photos and files and are ready to post them on dark web porn websites. The LVHN was running out of time, but they needed to confirm the hazard. They found unauthorized activity on its IT system on Feb. 6 and notified law enforcement. BlackCat demanded payment as high as 1.5 million dollars.
LVHN refused to pay the hackers. Private data, including nude photos and medical reports of patients receiving chemotherapy, had been posted to the dark web right after this. The attack had a significant impact on patients’ lives. Victims struggle with very severe and life-threatening conditions, and now they are exposed to unnecessary additional stress and trauma. The data stolen by BlackCat hackers include LVHN cancer patients’ personal documents, medical reports, and “medically appropriate” nude photos of patients receiving oncological treatment in Lackawanna County, Pennsylvania. Plaintiffs are suing the Lehigh Valley Health Network for negligence on patients’ privacy, prioritizing money over patients’ files’ confidence and privacy, and breaching the duty of preventing such criminal actions. The leaking of files was preventable, and the LVHN from Scranton was aware of the possibility of this data leak after discovering the ransomware attack. Patients were unaware of this hazardous situation and could have been susceptible to theft. The plaintiffs say that the company could have paid the ransom to protect the privacy of their patients. The lawsuit over cyberattack also claims the company for taking nude pictures of oncological patients and storing them at the LVHN network without adequate safeguards. This kind of data is especially sensitive and should have been stored to the highest security standards. The claim against LVHN alleges that the company knew or should have known about the foreseeable and devastating consequences of similar cyberattacks, as security agencies had issued multiple alerts. Cancer patients receiving treatment at the physician whose office was cyber-attacked are devastated by the LVHN’s negligence. The personal injury lawsuit filed over the data leak alleges the company consciously and intentionally ignored their patients’ good interests. The defendant said that even the Federal Bureau of Investigation’s advice says against paying ransoms in ransomware cyberattacks. The FBI says that payment encourages further attacks. There is no guarantee that the ransom payment will end the extortion, nor does it guarantee that hackers will delete stolen data. The plaintiffs seek class-action status, a jury trial, improvements to LVHN’s network security systems, and the provision of identity cyber theft protection services to the plaintiff and class.
Customers’ data should be protected from theft, cyber-attacks, or data leaks. Sadly, ransomware attacks, blackmail, hacker attacks, and data leaks still happen widely. Even government networks or big companies’ databases are in danger of being accused of criminal actions. Our Lehigh Valley personal injury lawyers always support the real victims. We can take any legal step needed to get the compensation our clients deserve. We are always there to help victims seeking justice. We offer our knowledge, expertise, and experience in a broad range of personal injury cases. We remind that all customers, patients, and employees have their rights required by the law. Breaching any of those laws may be the basis for filing a lawsuit against the responsible party. Our Pennsylvania personal injury attorneys are available 24/7 for a free consultation.