Skip to main content
Find a Lawyer
Please enter a legal issue and/or a location
Begin typing to search, use arrow keys to navigate, use enter to select

Find a Lawyer

More Options

Getting Hacked, Then Getting Sued for Getting Hacked

Shot from the Back to Hooded Hacker Breaking into Corporate Data Servers from His Underground Hideout. Place Has Dark Atmosphere, Multiple Displays, Cables Everywhere.
By William Vogeler, Esq. | Last updated on

Your company's data has been hacked, so what are your lawyers going to do?

They can't sue the hackers because they're long gone. Your company, unfortunately, is left holding the bag. That means your lawyers won't be filing a lawsuit.  Instead, they will be defending against one, or two, or three....

Sued for Getting Hacked

It's a problem that is becoming all too common. Companies get hacked, then get sued for getting hacked. It's happening again in Massachusetts.

Patients filed a class-action lawsuit against Baystate Health, weeks after a phishing attack at the medical provider. Baystate notified some 12,000 patients of a potential breach of their data. The hackers compromised employee email accounts, which contained information about demographics, diagnoses, Medicare and Social Security numbers.

In the lawsuit, the plaintiffs fault the defendant for not promptly notifying the patients. Their complaint says personal information was exposed, but does not allege actual damage from the hack. According to reports, it was not first time Baystate suffered a data breach. In 2016, the company reported a similar incident when five employees were duped by malicious emails disguised as an internal memo.

Biometric Privacy

Medical providers, like law firms, are prime targets for cyberattacks because they hold a wealth of personal information. It is also a source of increasing liability for companies that keep such information. In Illinois, the state Supreme Court ruled this year that individuals may sue organizations that violate the state's Biometric Information Privacy Act. It is unique because the law allows plaintiffs to proceed without alleging actual injury.

According to a survey in 2016, more than 16 million Americans have been victims of identity fraud. That was four million more victims than identified in 2012. Social Security numbers were stolen more than credit card numbers, reported Javelin Strategy & Research.

Bayside, meanwhile, took some action after the latest breach. It provided all patients with a year of free credit monitoring and identity theft protection.

Related Resources:

Was this helpful?

You Don’t Have To Solve This on Your Own – Get a Lawyer’s Help

Meeting with a lawyer can help you understand your options and how to best protect your rights. Visit our attorney directory to find a lawyer near you who can help.

Or contact an attorney near you:
Copied to clipboard