CorrectCare Data Breach Lawsuit Settles for $6.9 Million

    Sept. 25, 2024
    Breach exposed sensitive information and left the personal data of 600,000 individuals vulnerable
    ID 167072561 © Snowingg | Dreamstime.com
    CorrectCare Data Breach Lawsuit Settles for $6.9 Million
    CorrectCare Data Breach Lawsuit Settles for $6.9 Million

     

    HIPAA Journal’s Steve Alder reported on September 23 that the CorrectCare Integrated Health data breach lawsuit has been settled for $6.49 million. CorrectCare, a Kentucky-based medical claims processor for correctional facilities, experienced a cybersecurity breach between January 22, 2022, and July 7, 2022. The breach, affecting around 600,000 people, was not reported until November 2022.

    “In July 2022, CorrectCare identified a misconfiguration on its web server that allowed two file directories to be accessed over the Internet without authentication,” Alder wrote.

    Shub & Johns’s attorney, Benjamin F. Johns, filed a class action lawsuit against CorrectCare on December 7, 2022. “On September 17, 2024, Chief Judge Danny C. Reeves issued an order granting final approval to the $6.9 million settlement,” Alder stated.

    Over 100,000 claims were filed, representing about 17 percent of the class action suit.

    Continue Reading

    Sponsored Recommendations

    Discover how to look beyond the hype to develop a responsible generative AI strategy
    Explore how healthcare leaders are shifting from reactive maintenance to proactive facility strategies. Learn how data-driven planning and strategic investment can boost operational...
    Navigate healthcare's facility challenges. Get strategies to protect assets and ensure long-term stability.
    Join Claroty, Cisco, and Children's Hospital Los Angeles (CHLA) on-demand as they uncover the reasons behind common pitfalls encountered by hospitals in network segmentation efforts...