Medical Associates of the Lehigh Valley
Your Personal Info Could Be
Exposed Online After
This Hospital Breach
Breach Description
Medical Associates of the Lehigh Valley Data Breach
Medical Associates of the Lehigh Valley (MATLV), based in Allentown, Pennsylvania, experienced a significant data breach due to a ransomware attack detected on July 3, 2022. The breach affected the personal and health information of approximately 75,628 individuals[1][3][5][11].
Details of the Breach
The compromised data included a wide range of sensitive information such as Social Security numbers, health insurance providers, medical diagnoses, medical treatment information, medications, and lab results[3]. This information is considered “protected health information” (PHI) under the Health Insurance Portability and Accountability Act (HIPAA)[3].
Response to the Breach
Upon discovering the breach, MATLV took immediate steps to secure its IT systems and began working with third-party forensic specialists to investigate the incident[3]. The organization reviewed the affected files to determine the scope of the compromised information and which patients were affected[3]. On September 9, 2022, MATLV sent out data breach letters to all individuals whose information was compromised[3].
Legal Actions
A class action lawsuit has been filed against MATLV, alleging that the organization failed to adequately safeguard patients’ personal and health information, which led to the data breach[7][11]. The lawsuit claims that MATLV “intentionally, willfully, recklessly, or negligently” failed to implement reasonable cybersecurity measures[11].
Recommendations for Affected Individuals
Patients affected by the breach are advised to monitor their account statements and credit reports for signs of identity theft, change passwords and security questions for online accounts, and consider enrolling in any free credit monitoring services provided by MATLV[13]. They should also be vigilant for increased spam and phishing attempts[11].
Broader Impact on Healthcare Data Security
The MATLV incident is part of a larger trend of cyberattacks targeting healthcare providers, with healthcare data breaches becoming increasingly common and presenting significant risks to patient privacy and security[6][10][12]. These breaches highlight the importance of robust cybersecurity measures within the healthcare industry to protect sensitive patient information.
Citations:
- https://www.hipaajournal.com/ransomware-attack-on-medical-associates-of-the-lehigh-valley-affects-75k-patients/
- https://www.healthcareitnews.com/news/fred-hutch-cancer-center-clinical-network-breached
- https://www.jdsupra.com/legalnews/medical-associates-of-the-lehigh-valley-4405240/
- https://www.lehighvalleynews.com/health-news/lvhn-discloses-information-about-data-security-incident-discovered-in-february
- https://mcshanebradylaw.com/medical-associates-of-lehigh-valley-data-breach/
- https://www.techtarget.com/searchsecurity/news/366564303/10-of-the-biggest-ransomware-attacks-in-2023
- https://www.classaction.org/media/kale-v-medical-associates-of-the-lehigh-valley-pc.pdf
- https://www.wfmz.com/news/area/lehighvalley/lawsuit-against-lvhn-over-cyberattack-sent-back-to-state-court/article_90badf26-16a8-11ee-aab3-4b5a66272c4f.html
- https://today.westlaw.com/Document/Ib43f05c6653311ed8636e1a02dc72ff6/View/FullText.html?contextData=%28sc.Default%29&transitionType=CategoryPageItem
- https://www.healthcareitnews.com/news/hca-healthcare-sued-recent-data-breach
- https://www.classaction.org/news/medical-associates-of-the-lehigh-valley-responsible-for-2022-data-breach-class-action-alleges
- https://www.thetimes-tribune.com/news/community-health-systems-data-breach-may-have-exposed-information-of-scranton-and-wilkes-barre-hospital/article_6cea9eb6-4743-5d18-b309-2ba73ebb1054.html
- https://www.turkestrauss.com/2022/09/13/medical-associates-of-the-lehigh-valley-data-breach-investigation/
- https://www.mcall.com/2023/03/10/more-patient-photos-have-been-posted-on-the-dark-web-lvhn-says-the-network-expects-the-leaks-to-continue/
- https://www.beckershospitalreview.com/cybersecurity/lehigh-valley-health-network-lawyer-scrutinizes-data-breach-lawsuit.html