Marks law Group Logo
Marks law Group Logo
phone call icon

St Joseph's/Candler Data Breach

The St Joseph's/Candler hospital system in Savannah, Georgia was hit by a ransomware attack in the early hours of June 17, 2021. Upon detection of suspicious network activity, SJ/C immediately took steps to isolate and secure its systems. Staff went back to writing in pen and paper to record patient data, as the attack prevented access to computer systems and emergency protocols were implemented.

When did the Data Breach Occur?

The security breach was reported to law enforcement by SJ/C. The hacking group had access to the systems from December 18, 2020 until June 17, 2021, according to the assistance provided by third party cybersecurity firms.

Shortly after the breach was detected a spokesperson for St Joseph's/Candler released: “patient care operations continue at our facilities using established back-up processes and other downtime procedures. Our physicians, nurses, and staff are trained to provide care in these types of situations and are committed to doing everything they can to mitigate disruption and provide uninterrupted care to our patients.”

What Information was Leaked by the St Joseph's/Candler Data Breach?

The parts of the network that were accessible to the hackers contained files with patients' health-protected information. The files contained patient information such as names, addresses, dates of birth, Social Security numbers, driver's license numbers, patient account numbers, billing account numbers, financial information, health insurance plan member IDs, medical record numbers, dates of service, as well as a comprehensive review of those

The protected health information of 1,400,000 patients could potentially have been compromised by the ransomware attack. SJ/C began to send notification letters to individuals affected by the breach on August 10, 2021 and are offering complimentary credit monitoring and identity theft protection services. SJ/C is implementing additional safeguards and technical security measures to further protect and monitor its systems going forward.

St Joseph's/Candler Data Breach

Has any Action Been Taken After the Breach?

A class action lawsuit has been filed on behalf of the more than one million patients, professionals, and clients who may have been affected in the recent cyber attack on the healthcare system's IT systems.

The lawsuit alleges that St Joseph/Candler violated its privacy policy and acted negligently when it failed to adequately secure patients' information and prevent ransonware attacks.

The lawsuit states that people whose data has been compromised "have been forced to expend, and must expend in the future, to monitor their financial accounts, health insurance accounts, and credit files as a result of the data breach" though no does not cite and specific instances of identity theft. 

Furthermore, plaitiffs are claiming in the lawsuit that the hospital neglected to "design, adopt, implement, control, direct, oversee, manage, monitor and audit appropriate data security process, controls, policies, procedures, protocols and software and hardware systems" to protect patients' personal information.

What can You do if Your Information was Leaked?

If your private information was leaked by the SJ/C data breach and has been used illegally our firm can help. Call Marks Law Group today at (404) 939-1485 to schedule a free consultation with an Atlanta HIPAA violation attorney to learn what your legal options may be during a free consultation.

Other Recent Data Breaches: Metro Infectious Disease Consultants Data Breach

ReproSource Fertility Diagnostics Ransomware Attack
Free Case Review
tagcalendar-fullcrossmenuarrow-up linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram