Skip to main content
Sister Publication Links
  • ESG: THE NEW IMPERATIVE
Subscribe
  • Sign Up Free
  • Login
  • Subscribe
  • News
    • Current News
    • COVID-19
    • Providers
    • Insurance
    • Government
    • Finance
    • Technology
    • Safety & Quality
    • Transformation
    • People
    • Regional News
    • Digital Edition (Web Version)
    • Patients
    • Operations
    • Care Delivery
    • Payment
    • Midwest
    • Northeast
    • South
    • West
  • Digital Health
  • Insights
    • ACA 10 Years After
    • Best Practices
    • Special Reports
    • Innovations
  • Opinion
    • Bold Moves
    • Breaking Bias
    • Commentaries
    • Letters
    • Vital Signs Blog
    • From the Editor
  • Events & Awards
    • Awards
    • Conferences
    • Galas
    • Virtual Briefings
    • Webinars
    • Nominate/Eligibility
    • 100 Most Influential People
    • 50 Most Influential Clinical Executives
    • Best Places to Work in Healthcare
    • Excellence in Governance
    • Health Care Hall of Fame
    • Healthcare Marketing Impact Awards
    • Top 25 Emerging Leaders
    • Top 25 Innovators
    • Diversity in Healthcare
      • - Luminaries
      • - Top 25 Diversity Leaders
      • - Leaders to Watch
    • Women in Healthcare
      • - Luminaries
      • - Top 25 Women Leaders
      • - Women to Watch
    • Digital Health Transformation Summit
    • Leadership Symposium
    • Social Determinants of Health Symposium
    • Women Leaders in Healthcare Conference
    • Best Places to Work Awards Gala
    • Health Care Hall of Fame Gala
    • Top 25 Diversity Leaders Gala
    • Top 25 Women Leaders Gala
    • - Hospital of the Future
    • - Value Based Care
    • - Supply Chain
    • - Hospital at Home
    • - Workplace of the Future
    • - Digital Health
    • - Future of Staffing
    • - Hospital of the Future (Fall)
  • Multimedia
    • Podcast - Beyond the Byline
    • Sponsored Podcast - Healthcare Insider
    • Video Series - The Check Up
    • Sponsored Video Series - One on One
  • Data Center
    • Data Center Home
    • Hospital Financials
    • Staffing & Compensation
    • Quality & Safety
    • Mergers & Acquisitions
    • Data Archive
    • Resource Guide: By the Numbers
    • Surveys
    • Data Points
  • MORE +
    • Contact Us
    • Advertise
    • Media Kit
    • Newsletters
    • Jobs
    • People on the Move
    • Reprints & Licensing
MENU
Breadcrumb
  1. Home
  2. Government
August 09, 2016 01:00 AM

Banner Health cyberattack draws class-action suit

Joseph Conn
  • Tweet
  • Share
  • Share
  • Email
  • More
    Reprints Print

    (Story updated at 4:43 p.m. ET)

    An Arizona physician is the lead plaintiff in a class-action lawsuit against Banner Health over a massive data breach the health system disclosed last week.

    The complaint alleges the credit and identity theft protections Banner has offered to breach victims are inadequate and that the system was negligent in allowing the data to be compromised, according to a report in the Arizona Republic.

    Phoenix-based Banner said last week that a hacking incident may have exposed personal information belonging to as many as 3.7 million individuals.

    Ophthalmologist Dr. Howard Chen has taken the role of lead plaintiff in the complaint, filed in Maricopa County Superior Court on behalf of patients, physicians, employees and even cafeteria customers whose data may have been pilfered. He is represented by Hagens Berman Sobol Shapiro, a law firm specializing in class-action suits.

    Chen is on staff at Banner Thunderbird Medical Center in Glendale, Ariz., according to the newspaper report. He is not listed as a Banner physician on the system's website.

    Rob Carey, an attorney with the law firm pursuing the case, called the one year of credit monitoring that Banner is offering “a skimpy fix,” according to the report.

    The breach would be the eighth-largest in healthcare history since federal record-keeping began in 2009. It was unusual because two separate computer systems were compromised—one system for credit and debit cards used at 27 food service locations at Banner facilities in four states and another used for patient and health plan data.

    Banner said in a statement that it first learned of the attack on its point-of-sale network on July 7 and by July 13 had also discovered its patient information system was compromised. The latter breach exposed individuals' birthdates, addresses, physicians' names, dates of service and claims information, and possibly health insurance information and Social Security numbers.

    Since hackers stole the records of 78.8 million individuals in an attack on insurance giant Anthem in 2015, cyberattacks have dominated healthcare IT security concerns. The Anthem breach also has led to an escalation in post-attack protections afforded to breach victims.

    The previous norm of one year of credit protection has been supplanted in some instances by two years of protection. Last year Blue Cross and Blue Shield plans announced it would begin offering free perpetual credit care and fraud protection to all of their members by Jan. 1, 2016.

    “We believe, obviously, that a year isn't enough,” said Michella Kras, the Hagens Berman attorney that filed the case on Chen's behalf. She added that plaintiffs won't know how much protection, for how long and what is necessary since not all of the details are known about what information was taken.

    Since she's been a patient at Banner, “For all I know, my information may be in there as well,” said Kras, whose firm has a class-action suit pending against Anthem as well.

    A Banner Health spokesman declined to comment.

    It's quite common for hackers to penetrate the defenses of a targeted organization and do little for an extended period of time, according to security experts.

    Two security firms, Kaspersky Labs and Symantec, recently reported discovering a sophisticated “malware platform,” most likely developed by a state-sponsored surveillance organization, that had been residing undetected on several dozen computer systems for as long as five years.

    Craig Musgrave, chief information officer of the Doctors Co., a medical liability insurance company, said even less sophisticated hackers typically “break in and sit there stealthily and wait” for users to reveal passwords and other pathways for further system penetration and exploitation.

    “The average time to find a hacker is 200 days,” Musgrave said. Small physician practices often have their credit card processing, billing and EHR systems linked for convenience, making the penetration of one a risk to the others.

    One relatively quick defensive upgrade is to quickly embrace the new chip-card readers, Musgrave said. “That is the most secure way to do a transaction.”

    Letter
    to the
    Editor

    Send us a letter

    Have an opinion about this story? Click here to submit a Letter to the Editor, and we may publish it in print.

    Recommended for You
    Record 16.3M people enroll in ACA plans
    Record 16.3M people enroll in ACA plans
    367749098.jpg
    US health officials propose annual COVID-19 vaccination for most Americans
    Most Popular
    1
    More healthcare organizations at risk of credit default, Moody's says
    2
    Centene fills out senior executive team with new president, COO
    3
    SCAN, CareOregon plan to merge into the HealthRight Group
    4
    Blue Cross Blue Shield of Michigan unveils big push that lets physicians take on risk, reap rewards
    5
    Bright Health weighs reverse stock split as delisting looms
    Sponsored Content
    Modern Healthcare Alert: Sign up for this breaking news email to be kept in the loop as urgent healthcare business news unfolds.
    Get Newsletters

    Sign up for enewsletters and alerts to receive breaking news and in-depth coverage of healthcare events and trends, as they happen, right to your inbox.

    Subscribe Today
    MH Magazine Cover

    MH magazine offers content that sheds light on healthcare leaders’ complex choices and touch points—from strategy, governance, leadership development and finance to operations, clinical care, and marketing.

    Subscribe
    Connect with Us
    • LinkedIn
    • Twitter
    • Facebook
    • RSS

    Our Mission

    Modern Healthcare empowers industry leaders to succeed by providing unbiased reporting of the news, insights, analysis and data.

    Contact Us

    (877) 812-1581

    Email us

     

    Resources
    • Contact Us
    • Advertise with Us
    • Ad Choices Ad Choices
    • Sitemap
    Editorial Dept
    • Submission Guidelines
    • Code of Ethics
    • Awards
    • About Us
    Legal
    • Terms and Conditions
    • Privacy Policy
    • Privacy Request
    Modern Healthcare
    Copyright © 1996-2023. Crain Communications, Inc. All Rights Reserved.
    • News
      • Current News
      • COVID-19
      • Providers
      • Insurance
      • Government
      • Finance
      • Technology
      • Safety & Quality
      • Transformation
        • Patients
        • Operations
        • Care Delivery
        • Payment
      • People
      • Regional News
        • Midwest
        • Northeast
        • South
        • West
      • Digital Edition (Web Version)
    • Digital Health
    • Insights
      • ACA 10 Years After
      • Best Practices
      • Special Reports
      • Innovations
    • Opinion
      • Bold Moves
      • Breaking Bias
      • Commentaries
      • Letters
      • Vital Signs Blog
      • From the Editor
    • Events & Awards
      • Awards
        • Nominate/Eligibility
        • 100 Most Influential People
        • 50 Most Influential Clinical Executives
        • Best Places to Work in Healthcare
        • Excellence in Governance
        • Health Care Hall of Fame
        • Healthcare Marketing Impact Awards
        • Top 25 Emerging Leaders
        • Top 25 Innovators
        • Diversity in Healthcare
          • - Luminaries
          • - Top 25 Diversity Leaders
          • - Leaders to Watch
        • Women in Healthcare
          • - Luminaries
          • - Top 25 Women Leaders
          • - Women to Watch
      • Conferences
        • Digital Health Transformation Summit
        • Leadership Symposium
        • Social Determinants of Health Symposium
        • Women Leaders in Healthcare Conference
      • Galas
        • Best Places to Work Awards Gala
        • Health Care Hall of Fame Gala
        • Top 25 Diversity Leaders Gala
        • Top 25 Women Leaders Gala
      • Virtual Briefings
        • - Hospital of the Future
        • - Value Based Care
        • - Supply Chain
        • - Hospital at Home
        • - Workplace of the Future
        • - Digital Health
        • - Future of Staffing
        • - Hospital of the Future (Fall)
      • Webinars
    • Multimedia
      • Podcast - Beyond the Byline
      • Sponsored Podcast - Healthcare Insider
      • Video Series - The Check Up
      • Sponsored Video Series - One on One
    • Data Center
      • Data Center Home
      • Hospital Financials
      • Staffing & Compensation
      • Quality & Safety
      • Mergers & Acquisitions
      • Data Archive
      • Resource Guide: By the Numbers
      • Surveys
      • Data Points
    • MORE +
      • Contact Us
      • Advertise
      • Media Kit
      • Newsletters
      • Jobs
      • People on the Move
      • Reprints & Licensing