Medical Associates of the Lehigh Valley

Your Personal Info Could Be

Exposed Online After

This Hospital Breach

Breach Description

Medical Associates of the Lehigh Valley Data Breach

Medical Associates of the Lehigh Valley (MATLV), based in Allentown, Pennsylvania, experienced a significant data breach due to a ransomware attack detected on July 3, 2022. The breach affected the personal and health information of approximately 75,628 individuals[1][3][5][11].

Details of the Breach

The compromised data included a wide range of sensitive information such as Social Security numbers, health insurance providers, medical diagnoses, medical treatment information, medications, and lab results[3]. This information is considered “protected health information” (PHI) under the Health Insurance Portability and Accountability Act (HIPAA)[3].

Response to the Breach

Upon discovering the breach, MATLV took immediate steps to secure its IT systems and began working with third-party forensic specialists to investigate the incident[3]. The organization reviewed the affected files to determine the scope of the compromised information and which patients were affected[3]. On September 9, 2022, MATLV sent out data breach letters to all individuals whose information was compromised[3].

Legal Actions

A class action lawsuit has been filed against MATLV, alleging that the organization failed to adequately safeguard patients’ personal and health information, which led to the data breach[7][11]. The lawsuit claims that MATLV “intentionally, willfully, recklessly, or negligently” failed to implement reasonable cybersecurity measures[11].

Recommendations for Affected Individuals

Patients affected by the breach are advised to monitor their account statements and credit reports for signs of identity theft, change passwords and security questions for online accounts, and consider enrolling in any free credit monitoring services provided by MATLV[13]. They should also be vigilant for increased spam and phishing attempts[11].

Broader Impact on Healthcare Data Security

The MATLV incident is part of a larger trend of cyberattacks targeting healthcare providers, with healthcare data breaches becoming increasingly common and presenting significant risks to patient privacy and security[6][10][12]. These breaches highlight the importance of robust cybersecurity measures within the healthcare industry to protect sensitive patient information.

Citations:

  1. https://www.hipaajournal.com/ransomware-attack-on-medical-associates-of-the-lehigh-valley-affects-75k-patients/
  2. https://www.healthcareitnews.com/news/fred-hutch-cancer-center-clinical-network-breached
  3. https://www.jdsupra.com/legalnews/medical-associates-of-the-lehigh-valley-4405240/
  4. https://www.lehighvalleynews.com/health-news/lvhn-discloses-information-about-data-security-incident-discovered-in-february
  5. https://mcshanebradylaw.com/medical-associates-of-lehigh-valley-data-breach/
  6. https://www.techtarget.com/searchsecurity/news/366564303/10-of-the-biggest-ransomware-attacks-in-2023
  7. https://www.classaction.org/media/kale-v-medical-associates-of-the-lehigh-valley-pc.pdf
  8. https://www.wfmz.com/news/area/lehighvalley/lawsuit-against-lvhn-over-cyberattack-sent-back-to-state-court/article_90badf26-16a8-11ee-aab3-4b5a66272c4f.html
  9. https://today.westlaw.com/Document/Ib43f05c6653311ed8636e1a02dc72ff6/View/FullText.html?contextData=%28sc.Default%29&transitionType=CategoryPageItem
  10. https://www.healthcareitnews.com/news/hca-healthcare-sued-recent-data-breach
  11. https://www.classaction.org/news/medical-associates-of-the-lehigh-valley-responsible-for-2022-data-breach-class-action-alleges
  12. https://www.thetimes-tribune.com/news/community-health-systems-data-breach-may-have-exposed-information-of-scranton-and-wilkes-barre-hospital/article_6cea9eb6-4743-5d18-b309-2ba73ebb1054.html
  13. https://www.turkestrauss.com/2022/09/13/medical-associates-of-the-lehigh-valley-data-breach-investigation/
  14. https://www.mcall.com/2023/03/10/more-patient-photos-have-been-posted-on-the-dark-web-lvhn-says-the-network-expects-the-leaks-to-continue/
  15. https://www.beckershospitalreview.com/cybersecurity/lehigh-valley-health-network-lawyer-scrutinizes-data-breach-lawsuit.html
Breach Submission Date Sep 09, 2022
Converted Entity Name Medical Associates of the Lehigh Valley
Converted Entity Type Healthcare Provider
State PA
Individuals Affected 75,628
Breach Type Hacking/IT Incident

Breach Information Location Network Server

Business Associate Present Yes