City of Hope Data Breach Exposes 827k Patients to Identity Theft. Featured
Ineffective network security at City of Hope research and treatment centre allowed hackers to steal identities of over 827k people.
In a notification recently submitted to the Maine Attorney General’s office, City of Hope, one of the largest cancer research and treatment organizations in the U.S., announced that 827,149 people were impacted by a data breach that occurred over a three week period in late 2023.
What Happened?
According to a notice posted on its website, City of Hope discovered suspicious activity on a subset of its systems on or about October 13, 2023. An investigation revealed that an unauthorized third party accessed these systems and obtained copies of files containing sensitive personal health and identifiable information between September 19 and October 12, 2023.
What Information Was Stolen?
According to City of Hope’s announcement, the type of information potentially exposed includes:
- Name
- Social Security number
- Date of birth
- Driver’s license or other governmental identification
- Financial details (e.g., bank account number and/or credit card details)
- Health insurance information
- Medical record number
- Medical information
What Can Identity Thieves Do With My Information?
Stolen personally identifiable information (PII) can be used to commit identity theft, open new credit accounts, make unauthorized purchases or obtain loans. Cybercriminals have recently targeted America’s healthcare industry and in so doing have forced millions of Americans to face the fallout from these attacks.
Leaked or stolen healthcare data can be sold on the dark web forums and may be used for fraud and medical identity theft, a type of fraud, where threat actors use stolen information to submit forged claims to insurers.
What is City of Hope Doing To Protect My Identity?
Upon discovering the data breach, City of Hope announced that it “promptly implemented additional and enhanced safeguards and enlisted the support of a leading cybersecurity firm to enhance the security of our network, systems, and data.“
On December 14, the cancer center operator said it provided initial notice of the cybersecurity incident to potentially affected individuals that could be readily notified via email. On March 25, it identified individuals whose personal information was impacted during a detailed, complex and ongoing review of relevant data, it said. These letters should specify which information belonging to affected individuals was compromised.
City of Hope is providing identity monitoring services for two years, at no cost to individuals affected by the breach, despite the lifetime risk that they must now face.
Protect Your Identity. Join the City of Hope data breach class action.
f you received a data breach notification from City of Hope, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the data breach.
You may be eligible to participate in a class action lawsuit to recover compensation for loss of privacy, time spent dealing with the breach, out-of-pocket costs, and more.
It is critical to begin to take the next steps after a data breach targets your personal data. You may contact a data privacy lawyer to learn about how to protect your accounts, and how to file a class action data breach lawsuit. By filing a claim, you can recover compensation and hold any negligent party accountable for their action or inaction. There is no cost to you.