Consulting Radiologists Data Breach Lawsuit Says Group Failed to Protect Patient Info from Hackers
Last Updated on July 30, 2024
Johnson v. Consulting Radiologists, Ltd.
Filed: June 28, 2024 ◆§ 0:24-cv-02535
Consulting Radiologists faces a class action after a data breach it reportedly detected in February 2024 compromised the personal information of current and former patients.
Minnesota
Consulting Radiologists, Ltd. faces a proposed class action lawsuit after a data breach it reportedly detected on February 12, 2024 compromised the personal information of current and former patients.
Want to stay in the loop on class actions that matter to you? Sign up for ClassAction.org’s free weekly newsletter here.
The 50-page Consulting Radiologists data breach lawsuit claims patients’ names, addresses, dates of birth, health insurance details and medical information were exposed when an unauthorized actor accessed certain files stored on the defendant’s network. According to an online notice on Consulting Radiologists’ website, the incident may also have impacted Social Security numbers, driver’s license numbers, face sheets and imaging reports for a small subset of patients.
The data breach lawsuit alleges that the radiology practice’s failure to safeguard the sensitive information amounts to negligence and violates state and federal laws. Per the filing, Consulting Radiologists failed to fulfill its legal obligation to maintain adequate cybersecurity measures that were in line with industry standards.
“Data breaches have become entirely too common, and the reason is the lack of attention and resources that companies like the defendant expend on protecting sensitive information,” the case says.
Those affected by the Consulting Radiologists data breach must now constantly monitor their accounts due to the heightened and ongoing risk of fraud and identity theft they face, the filing stresses.
“The risk of identity theft is not speculative or hypothetical but is impending and has materialized as there is evidence that the plaintiff and class members’ private information was targeted, accessed, has been misused, and disseminated on the dark web,” the complaint contends.
The suit relays that the defendant took until April 17, 2024 to identify whose information was compromised in the breach, then waited two months to notify them.
What’s more, the case argues that Consulting Radiologists’ notice letter was deficient in that it failed to disclose basic details concerning the data breach, such as why patients’ information was stored in an unsecured environment, what vulnerabilities in the company’s security systems allowed unauthorized access and to what degree the data has been disseminated.
“Without such disclosure, questions remain as to the full extent of the data breach, the actual data accessed and compromised, and what measures, if any, Consulting Radiologists, Ltd. has taken to secure the [personally identifiable information] and [protected health information] still in its possession,” the complaint says.
The lawsuit looks to represent anyone in the United States whose private information was compromised in the Consulting Radiologists data breach.
Are you owed unclaimed settlement money? Check out our class action rebates page full of open class action settlements.
Hair Relaxer Lawsuits
Women who developed ovarian or uterine cancer after using hair relaxers such as Dark & Lovely and Motions may now have an opportunity to take legal action.
Read more here: Hair Relaxer Cancer Lawsuits
How Do I Join a Class Action Lawsuit?
Did you know there's usually nothing you need to do to join, sign up for, or add your name to new class action lawsuits when they're initially filed?
Read more here: How Do I Join a Class Action Lawsuit?
Stay Current
Sign Up For
Our Newsletter
New cases and investigations, settlement deadlines, and news straight to your inbox.
Before commenting, please review our comment policy.