Capital Health Data Breach Investigation
The Lyon Firm is investigating a ransomware attack that targeted personal data stored on the Capital Health servers. Contact our legal team to discuss your legal options and to learn more about how to protect yourself following any data security incident. We provide free consultations for plaintiffs nationwide.
What Happened at Capital Health?
The LockBit ransomware group has claimed a November 2023 cyberattack on the Capital Health hospital network, and says they are in possession of a large amount of personal data. The group says they did not encrypt the stolen hospital data “so as not to interfere with patient care.” However, they do still claim to have a large data set and are allegedly holding it ransom.
Capital Health has confirmed that they discovered a “cybersecurity incident” in late November that caused IT outages. The investigation is still underway and few details are known about what data may be at risk.
The official statement released by Capital Health “Capital Health experienced network outages towards the end of last month due to a cybersecurity incident; something we know is also being experienced at other healthcare organizations across the country.” They added, “More information will be provided as it becomes available.”
Capital Health, a healthcare service provider in New Jersey and Pennsylvania, operates two major hospitals and several specialty clinics. They offer a wide array of medical services to patients, including brain and spine care, breast care, cancer care, digestive health services, emergency services, heart and vascular services, lung care, maternity services, orthopedics, pediatrics, surgery, and urology.
The LockBit ransomware gang has now claimed responsibility for several attacks on healthcare networks. Hundreds of medical facilities are targeted each year, and recently ransomware attacks have claimed Integris Health, ESO Solutions, and the Fred Hutchinson Cancer Center (Fred Hutch).
Contact our data breach lawyers if you have received a data breach notification letter from any organization, or believe that your personal information has been unjustly leaked to cybercriminals. We believe any entity that collects and stores your data has a duty to protect it with reasonably secure networks. Class action lawsuits have been filed against many healthcare organizations that have failed to protect patient data.