in Newswire Published on March 4, 2024

Data Breach Lawsuit Claims Physicians to Women Failed to Protect Patient Info from Cybercriminals

by Kelsey McCroskey

View Comments

Johnson v. Physicians to Women, Inc.

Filed: February 23, 2024 § 7:24-cv-00144

Read Complaint

A proposed class action claims negligence on the part of Physicians to Women, Inc. is to blame for an April 2023 data breach.

Defendant(s)

Physicians to Women, Inc.

Law(s)

State(s)

Virginia

Categories

Technology Medical/Health Privacy Data Breach

A proposed class action claims negligence on the part of Physicians to Women, Inc. is to blame for an April 2023 data breach.

Want to stay in the loop on class actions that matter to you? Sign up for ClassAction.org’s free weekly newsletter here.

The 40-page data breach lawsuit relays that the Virginia-based obstetrics and gynecology services provider detected suspicious activity on its network on April 4, 2023. Per the suit, a subsequent investigation determined that an unauthorized third party had gained access that day to the healthcare provider’s computer system and acquired certain files stored therein.

According to the January 2024 Physicians to Women notice letter, the compromised files contained personal information that belonged to current and former patients and/or their guarantors, including names, Social Security numbers, dates of birth and certain medical data.

The case contends that the healthcare company failed to maintain basic cybersecurity protocols to protect the highly confidential information in its care, such as encrypting the data or deleting it when it was no longer needed. Physicians to Women could have prevented the incident had it implemented proper encryption practices, the complaint argues.

In light of the frequency of cyberattacks in the healthcare industry in recent years, the defendant should have understood the risks of a breach and taken commensurate measures to secure patients’ information, the filing charges.

As the lawsuit tells it, Physicians to Women’s allegedly negligent conduct is compounded by “repeated warnings and alerts” from cybersecurity experts and industry leaders to adequately protect sensitive information from unauthorized disclosure.

Data breach victims now face a lifelong risk of identity theft and fraud due to the confidential nature of their stolen data, “which they cannot change, and which cannot be made private again,” the case says.

The lawsuit looks to represent anyone whose personal information was accessed and/or acquired by an unauthorized third party in the Physicians to Women data breach, including those who received notice of the incident.

Get class action lawsuit news sent to your inbox – sign up for ClassAction.org’s free weekly newsletter here.

Case Spotlight

Hair Relaxer Lawsuits

Women who developed ovarian or uterine cancer after using hair relaxers such as Dark & Lovely and Motions may now have an opportunity to take legal action.

Read more here: Hair Relaxer Cancer Lawsuits

How Do I Join a Class Action Lawsuit?

Did you know there's usually nothing you need to do to join, sign up for, or add your name to new class action lawsuits when they're initially filed?

Read more here: How Do I Join a Class Action Lawsuit?

ClassAction.org Newsletter

Stay Current

Sign Up For
Our Newsletter

New cases and investigations, settlement deadlines, and news straight to your inbox.

This browser does not support PDFs. Please download the PDF to view it: Download PDF.
Open Document
Last Updated on March 4, 2024 — 9:51 AM

Kelsey McCroskey

kelsey@classaction.org

Kelsey works primarily on ClassAction.org’s newswire, reporting on cases as they happen.

About ClassAction.org

ClassAction.org is a group of online professionals (designers, developers and writers) with years of experience in the legal industry.

Learn More

Before commenting, please review our comment policy.