Kettering Health Data Breach Investigation
The data breach lawyers at The Lyon Firm are investigating the recent ransomware attack reported at Kettering Health, the Dayton, Ohio, healthcare network that operates 14 medical centers. The alleged cyberattack caused a system-wide technology outage and fears are growing that the bad actors acquired a large amount of personal and health information from current and former patients.
Contact our legal team if you believe your personal data may have been compromised as a result of this data security incident. Our Ohio attorneys have filed numerous data breach lawsuits on behalf of plaintiffs and we represent clients in a wide range of privacy litigation.
UPDATE: Kettering Health has confirmed that current and former patients had the following information compromised in the attack: first and last name, contact information, date of birth, Social Security number, patient identification number, medical record number, medical information, treatment information, diagnosis information, health insurance information, driver’s license/state identification number, financial account information, and/or education records.
What happened at Kettering Health?
The investigation into this recent cyber intrusion is still ongoing, and more details should emerge in the coming weeks. Kettering Health has been forthcoming, but the organization cannot yet confirm or deny that personal data was stolen. The healthcare system, however, did confirm that the outage was caused by a cyberattack.
Kettering Health manages emergency centers and over 120 outpatient facilities across western Ohio. In a statement published on its website, the entity confirmed that a cybersecurity attack has affected the call center and some patient care systems. After the May 20 cybersecurity incident disrupted the health system’s electronic systems, some patients were diverted to other hospitals.
A statement posted on the Kettering website reads, “We are currently experiencing a cybersecurity incident resulting from unauthorized access to our network. We have taken steps to contain and mitigate this activity and are actively investigating and monitoring the situation. We will continue to provide updates as appropriate.”
Cyber threat intelligence company PRODAFT told BleepingComputer that Nefarious Mantis (part of the Interlock cluster) may be behind the Kettering Health breach. Nefarious Mantis is apparently known for targeting healthcare and biotechnology organizations. CNN also reported that the Interlock ransomware operation could be responsible for the attack. Kettering has already reported receiving notifications of individuals impersonating its staff and requesting credit card payments for medical expenses.
Legal Implications and Rights of Affected Individuals
Because the stolen information included protected health data, the breach raises serious compliance issues under the Health Insurance Portability and Accountability Act (HIPAA). Covered entities like Kettering Health are required to implement strict safeguards to protect sensitive patient data. When those safeguards fail, the organization may face investigations and penalties from federal regulators.
In addition to federal privacy concerns, affected individuals may have state law claims against the healthcare provider. Class action lawsuits have already been filed alleging that Kettering failed to adequately secure its systems and did not promptly notify patients of the breach. Plaintiffs may seek compensation for identity theft, financial loss, and emotional distress caused by the exposure of their information.