Shields Health Care Group (Shields) announced a data breach impacting the sensitive information of 2 million people across the New England region. This breach is the largest of the year in healthcare, according to the U.S. Department of Health and Human Services Office.
Our data breach class action attorneys of Golomb Legal. are going to begin interviewing victims of the breach to determine what damages they sustained and what legal claims may be available to them. If you recently learned your information was compromised in the Shields Health Care Group data breach, please reach out to our lawyers to take the first step. We can help you to understand all of your options.
About the Shields Health Care Group Data Breach
Shields Health Care Group is a Quincy, Massachusetts-based company that offers medical services including MRIs, PET/CTs, radiation oncology, and ambulatory surgical centers. As many as 50 healthcare facilities throughout New England may be impacted by the data breach, including Tufts Medical Center and UMass Memorial. Shields announced that it will send notifications to every person who has been affected.
Sensitive information likely exposed in the data breach includes:
- Names
- Social Security numbers
- Mailing and physical addresses
- Insurance information
- Medical treatment information
- And much more
Data Breaches are a Growing Problem Globally
Cybersecurity events such as the Shields breach have been common over the past few years. In fact, according to the Identity Theft Resource Center's annual report, the number of data breaches increased by 68%, from 1,108 breaches in 2020 to 1,862 breaches in 2021. In more than 80% of these breaches, sensitive consumer information was involved.
At this time, no hacker group or individual has claimed responsibility for the cyberattack against Shields. Shields was likely targeted due to a vulnerability in its cybersecurity and network that hackers identified. Oftentimes, the data that is stolen is then sold illegally to information miners who can use it to try to access bank accounts or otherwise defraud the impacted account holders.
Shields might be able to identify which files were vulnerable during the data breach, but knowing which files were actually copied might be impossible. As a result, not everyone who gets a notice from Shields about the data breach will have had their sensitive data stolen. However, to err on the side of caution, Shields and its account holders should assume that every vulnerable file was unlawfully accessed.
Legal Action Against Shields
There is a real chance that a data breach class action could soon form against Shields. This legal remedy has been justified against other corporations and health care groups that have lost sensitive data due to cybersecurity negligence.
When you allowed Shields access to your personal data, you trusted it to keep your sensitive information safe. By virtue of its agreement with you as an account holder, Shields accepted its obligation to protect your information from criminal misdeeds. However, in light of this data breach, some very serious questions have been raised about the organization’s data security measures and whether it could have done more to prevent this type of cyberattack.
It is not known exactly how long it will take for a class action to form against Shields, though. Investigations into the data breach must be concluded, which could take a while. It might even be that Shields did nothing wrong and took its cybersecurity seriously, which would excuse the company from liability. For the time being, it is important to keep your options open and take steps to better protect your data in the future.
What to Do After the Shields Data Breach Notification
If you received a notification from Shields Health Care Group about the data breach, then your information is confirmed as stolen or potentially stolen by the hacker. You should take action now to limit the risk of future data breaches and fraud.
You should take these steps if your Shields data was part of the breach:
- Review the data breach letter: Take another moment to review the data breach letter, so you better understand what it is outlining. Keep it for your records, and make a copy of it, too. The letter should say what information of yours was accessible to the unauthorized party.
- Limit future access to your accounts: Change all passwords and security questions for your important online accounts, including online banking accounts, credit card accounts, shopping accounts, and any other account containing your personal information. You should also consider changing your social media account passwords and setting up multi-factor authentication where it is available.
- Protect your credit and financial accounts: You may be offered free credit monitoring services. Signing up doesn’t impact any of your rights to pursue a data breach lawsuit, so this service is typically beneficial. You should notify a credit bureau of the breach and ask for a copy of your credit report, which can show fraud that you might have missed otherwise. You may also add a fraud alert or a credit freeze to your account. Finally, if you are already paying for identity theft or fraud monitoring services, inform that company of the Shields breach.
- Pay attention to your important accounts: It is more important now than ever to monitor your credit and financial accounts for fraud. If an account was jeopardized by the Shields breach, then the unauthorized parties will most likely take action within a few months at most because they know their time to use that information is limited.
Can I Sue Shields for the Data Breach?
As mentioned, you might be able to file a claim or join a class action lawsuit against Shields Health Care Group for the data breach if you were notified that your data was vulnerable or stolen. Further investigation into the breach is necessary, though. We encourage you to visit our blog often for important updates on this story. If you would like to speak with someone from Golomb Legal. now about the data breach and your potential legal options, then please feel free to use an online contact form at any time.