Medibase Group Data Breach Lawsuit Filed Over 2024 Cyberattack Impacting Staten Island University Hospital, Others
Girenko v. The Medibase Group, Inc. et al.
Filed: July 12, 2024 ◆§ 1:24-cv-03098
Medibase Group faces a class action lawsuit over a 2024 data breach that reportedly compromised the networks of Staten Island University Hospital and other entities.
The Medibase Group faces a proposed class action lawsuit over a January 2024 data breach that reportedly compromised the networks of Staten Island University Hospital and other entities that store sensitive patient information.
Want to stay in the loop on class actions that matter to you? Sign up for ClassAction.org’s free weekly newsletter here.
The 61-page Medibase Group data breach lawsuit accuses the healthcare solutions provider of several “data security failures” in the lead-up to the cyberattack. Though the hack reportedly occurred on or around January 26, 2024, Medibase Group did not notify co-defendant Staten Island University Hospital until around May 8, and data breach victims did not begin to be notified until July 5, the complaint states.
According to the Medibase Group data breach notice letter, the unauthorized party who gained access to one of Medibase’s systems may have compromised patients’ full names, Social Security numbers, dates of birth, admit and discharge dates, outstanding balance amounts and insurance details. Medibase said in the notice that no clinical information or other financial account details were impacted.
The data breach lawsuit charges that the cyberattack, allegedly a “known risk” to the defendants, was a result of Medibase Group and Staten Island University Hospital’s failure to implement adequate and reasonable cybersecurity measures necessary to protect consumers’ private information.
“Plaintiff and Class Members’ identities are now at risk because of Defendants’ negligent conduct since the Private Information that Defendants collected and maintained is now in the hands of data thieves,” the complaint stresses.
Per the suit, Medibase violated the Federal Trade Commission Act, Health Insurance Portability and Accountability Act and other state and federal laws by failing to protect the sensitive information in its care.
The case says Medibase data breach victims must now and in the future closely monitor their medical and financial accounts to protect against the real risk of identity theft and fraud.
According to the lawsuit, evidence exists that Medibase data breach victims’ stolen information was “targeted, accessed, ... misused, and disseminated on the Dark Web.”
The Medibase Group data breach class action looks to cover all individuals in the United States whose private information was accessed in the Medibase data breach.
Are you owed unclaimed settlement money? Check out our class action rebates page full of open class action settlements.
Video Game Addiction Lawsuits
If your child suffers from video game addiction — including Fortnite addiction or Roblox addiction — you may be able to take legal action. Gamers 18 to 22 may also qualify.
Learn more:Video Game Addiction Lawsuit
Depo-Provera Lawsuits
Anyone who received Depo-Provera or Depo-Provera SubQ injections and has been diagnosed with meningioma, a type of brain tumor, may be able to take legal action.
Read more: Depo-Provera Lawsuit
How Do I Join a Class Action Lawsuit?
Did you know there's usually nothing you need to do to join, sign up for, or add your name to new class action lawsuits when they're initially filed?
Read more here: How Do I Join a Class Action Lawsuit?
Stay Current
Sign Up For
Our Newsletter
New cases and investigations, settlement deadlines, and news straight to your inbox.
Before commenting, please review our comment policy.