Skip to main content
Subscribe
  • Login
  • My Account
  • Logout
  • Register For Free
  • Subscribe
  • News
    • Current News
    • Providers
    • Insurance
    • Government
    • Finance
    • Technology
    • Safety & Quality
    • Digital Health
    • Transformation
    • ESG
    • People
    • Regional News
    • Digital Edition (Web Version)
    • Patients
    • Operations
    • Care Delivery
    • Payment
    • Midwest
    • Northeast
    • South
    • West
  • Blogs
    • AI
    • Deals
    • Layoff Tracker
    • HLTH 2024
    • Sponsored Content: Vital Signs Blog
  • Opinion
    • Letters
    • From the Editor
  • Events & Awards
    • Awards
    • Conferences
    • Galas
    • Virtual Briefings
    • Webinars
    • Nominate/Eligibility
    • 100 Most Influential People
    • 50 Most Influential Clinical Executives
    • 40 Under 40
    • Best Places to Work in Healthcare
    • Healthcare Marketing Impact Awards
    • Innovators Awards
    • Diversity Leaders
    • Leading Women
    • Best in Business Awards
    • The 2030 Playbook Conference
    • Innovations in Patient Experience
    • Leading Women Conference & Awards Luncheon
    • Leadership Summit
    • Workforce Summit
    • Best Places to Work Awards Gala
    • Diversity Leaders Gala
    • - Looking Ahead to 2025
    • - Financial Growth
    • - Hospital of the Future
    • - Value Based Care
    • - Looking Ahead to 2026
  • Multimedia
    • Podcast - Beyond the Byline
    • Sponsored Podcast - Healthcare Insider
    • Sponsored Video Series - One on One
    • Sponsored Video Series - Checking In with Dan Peres
  • Data & Insights
    • Data & Insights Home
    • Hospital Financials
    • Staffing & Compensation
    • Quality & Safety
    • Mergers & Acquisitions
    • Skilled Nursing Facilities
    • Data Archive
    • Resource Guide: By the Numbers
    • Surveys
    • Data Points
  • Newsletters
  • MORE+
    • Contact Us
    • Advertise
    • Media Kit
    • Jobs
    • People on the Move
    • Reprints & Licensing
    • Sponsored Content
MENU
Breadcrumb
  1. Home
  2. Government
August 09, 2016 12:00 AM

Banner Health cyberattack draws class-action suit

Joseph Conn
  • Tweet
  • Share
  • Share
  • Email
  • More
    Reprints Print

    (Story updated at 4:43 p.m. ET)

    An Arizona physician is the lead plaintiff in a class-action lawsuit against Banner Health over a massive data breach the health system disclosed last week.

    The complaint alleges the credit and identity theft protections Banner has offered to breach victims are inadequate and that the system was negligent in allowing the data to be compromised, according to a report in the Arizona Republic.

    Phoenix-based Banner said last week that a hacking incident may have exposed personal information belonging to as many as 3.7 million individuals.

    Ophthalmologist Dr. Howard Chen has taken the role of lead plaintiff in the complaint, filed in Maricopa County Superior Court on behalf of patients, physicians, employees and even cafeteria customers whose data may have been pilfered. He is represented by Hagens Berman Sobol Shapiro, a law firm specializing in class-action suits.

    Chen is on staff at Banner Thunderbird Medical Center in Glendale, Ariz., according to the newspaper report. He is not listed as a Banner physician on the system's website.

    Rob Carey, an attorney with the law firm pursuing the case, called the one year of credit monitoring that Banner is offering “a skimpy fix,” according to the report.

    The breach would be the eighth-largest in healthcare history since federal record-keeping began in 2009. It was unusual because two separate computer systems were compromised—one system for credit and debit cards used at 27 food service locations at Banner facilities in four states and another used for patient and health plan data.

    Banner said in a statement that it first learned of the attack on its point-of-sale network on July 7 and by July 13 had also discovered its patient information system was compromised. The latter breach exposed individuals' birthdates, addresses, physicians' names, dates of service and claims information, and possibly health insurance information and Social Security numbers.

    Since hackers stole the records of 78.8 million individuals in an attack on insurance giant Anthem in 2015, cyberattacks have dominated healthcare IT security concerns. The Anthem breach also has led to an escalation in post-attack protections afforded to breach victims.

    The previous norm of one year of credit protection has been supplanted in some instances by two years of protection. Last year Blue Cross and Blue Shield plans announced it would begin offering free perpetual credit care and fraud protection to all of their members by Jan. 1, 2016.

    “We believe, obviously, that a year isn't enough,” said Michella Kras, the Hagens Berman attorney that filed the case on Chen's behalf. She added that plaintiffs won't know how much protection, for how long and what is necessary since not all of the details are known about what information was taken.

    Since she's been a patient at Banner, “For all I know, my information may be in there as well,” said Kras, whose firm has a class-action suit pending against Anthem as well.

    A Banner Health spokesman declined to comment.

    It's quite common for hackers to penetrate the defenses of a targeted organization and do little for an extended period of time, according to security experts.

    Two security firms, Kaspersky Labs and Symantec, recently reported discovering a sophisticated “malware platform,” most likely developed by a state-sponsored surveillance organization, that had been residing undetected on several dozen computer systems for as long as five years.

    Craig Musgrave, chief information officer of the Doctors Co., a medical liability insurance company, said even less sophisticated hackers typically “break in and sit there stealthily and wait” for users to reveal passwords and other pathways for further system penetration and exploitation.

    “The average time to find a hacker is 200 days,” Musgrave said. Small physician practices often have their credit card processing, billing and EHR systems linked for convenience, making the penetration of one a risk to the others.

    One relatively quick defensive upgrade is to quickly embrace the new chip-card readers, Musgrave said. “That is the most secure way to do a transaction.”

    Letter
    to the
    Editor

    Send us a letter

    Have an opinion about this story? Click here to submit a Letter to the Editor, and we may publish it in print.

    Recommended for You
    Legal-government-0225
    HHS lawsuit by Democratic AGs aims to stop restructuring, layoffs
    GettyImages-654573744.jpg
    Federal watchdog to retract medical debt collection opinion
    Most Popular
    1
    UnitedHealth under criminal investigation for Medicare fraud: WSJ
    2
    States, providers face brunt of GOP Medicaid cuts plan
    3
    UnitedHealth Group to cut Medicare drug plan commissions
    4
    Federal dementia pilot has rocky rollout for some providers
    5
    'Legendary' Hemsley takes over at UnitedHealth amid rough seas
    Sponsored Content
    Modern Healthcare Alert: Sign up for this breaking news email to be kept in the loop as urgent healthcare business news unfolds.
    Get Newsletters

    Sign up for enewsletters and alerts to receive breaking news and in-depth coverage of healthcare events and trends, as they happen, right to your inbox.

    Subscribe Today
    MH Magazine Cover

    MH magazine offers content that sheds light on healthcare leaders’ complex choices and touch points—from strategy, governance, leadership development and finance to operations, clinical care, and marketing.

    Subscribe
    Connect with Us
    • LinkedIn
    • Twitter
    • Facebook
    • RSS

    Our Mission

    Modern Healthcare empowers industry leaders to succeed by providing unbiased reporting of the news, insights, analysis and data.

    Contact Us

    (877) 812-1581

    Email us

     

    Resources
    • Contact Us
    • Help Center
    • Advertise with Us
    • Ad Choices
    • Sitemap
    Editorial Dept
    • Submission Guidelines
    • Code of Ethics
    • Awards
    • About Us
    Legal
    • Terms and Conditions
    • Privacy Policy
    • Privacy Request
    Modern Healthcare
    Copyright © 1996-2025. Crain Communications, Inc. All Rights Reserved.
    • News
      • Current News
      • Providers
      • Insurance
      • Government
      • Finance
      • Technology
      • Safety & Quality
      • Digital Health
      • Transformation
        • Patients
        • Operations
        • Care Delivery
        • Payment
      • ESG
      • People
      • Regional News
        • Midwest
        • Northeast
        • South
        • West
      • Digital Edition (Web Version)
    • Blogs
      • AI
      • Deals
      • Layoff Tracker
      • HLTH 2024
      • Sponsored Content: Vital Signs Blog
    • Opinion
      • Letters
      • From the Editor
    • Events & Awards
      • Awards
        • Nominate/Eligibility
        • 100 Most Influential People
        • 50 Most Influential Clinical Executives
        • 40 Under 40
        • Best Places to Work in Healthcare
        • Healthcare Marketing Impact Awards
        • Innovators Awards
        • Diversity Leaders
        • Leading Women
        • Best in Business Awards
      • Conferences
        • The 2030 Playbook Conference
        • Innovations in Patient Experience
        • Leading Women Conference & Awards Luncheon
        • Leadership Summit
        • Workforce Summit
      • Galas
        • Best Places to Work Awards Gala
        • Diversity Leaders Gala
      • Virtual Briefings
        • - Looking Ahead to 2025
        • - Financial Growth
        • - Hospital of the Future
        • - Value Based Care
        • - Looking Ahead to 2026
      • Webinars
    • Multimedia
      • Podcast - Beyond the Byline
      • Sponsored Podcast - Healthcare Insider
      • Sponsored Video Series - One on One
      • Sponsored Video Series - Checking In with Dan Peres
    • Data & Insights
      • Data & Insights Home
      • Hospital Financials
      • Staffing & Compensation
      • Quality & Safety
      • Mergers & Acquisitions
      • Skilled Nursing Facilities
      • Data Archive
      • Resource Guide: By the Numbers
      • Surveys
      • Data Points
    • Newsletters
    • MORE+
      • Contact Us
      • Advertise
      • Media Kit
      • Jobs
      • People on the Move
      • Reprints & Licensing
      • Sponsored Content