March 31, 2022 – Labette Health notified current and former patients and staff about a cybersecurity incident that compromised the personal information of 85,365 of its patients and staff. Its investigation into the security breach revealed the files impacted may have contained individual names, addresses, dates of birth, email addresses, telephone numbers, Social Security number, medical treatment and diagnosis information, treatment costs, dates of service, prescription information, Medicare or Medicaid number, and/or health insurance information. On March 11, 2022, Labette Health sent a letter to all persons whose data was compromised by the breach.
Labette Health’s investigation determined that unauthorized individual(s) potentially accessed and acquired information from portions of its network between October 15, 2021 and October 24, 2021. On February 11, 2022, following an extensive review and analysis of the data at issue, Labette Health determined that certain files and folders that may have been accessed or acquired contained identifiable personal and/or protected health information of employees and certain patients who received services from Labette Health.
What is Labette Health Doing in Response to the Breach?
Labette Health has strengthened its network and implemented additional security improvements recommended by third-party cyber security experts. These include resetting account passwords and strengthening its password security policies, implementing multi-factor authentication for network access, upgrading its endpoint detection software, and coordinating additional employee training related to network security and threat detection.
For the individuals whose Social Security numbers were impacted, complimentary credit monitoring was offered.
Should You Be Concerned?
If you received a data breach notice letter from Labette Health, your personal data may have been seen by unauthorized cyber-criminals. Worse, the cyber-criminals may have removed your data from the company’s network so they can sell it on the Dark Web, leaving you vulnerable to credit card fraud, identify theft and a variety of scams.
Cybercriminals can pair the data with other available information to commit a broad range of fraud in a Class Member’s name, such as: obtaining employment; obtaining a loan; applying for credit cards or spending money; filing false tax returns; stealing Social Security and other government benefits; and applying for a driver’s license, birth certificate, or other public document.
Armed with personal information, cybercriminals can easily obtain tax returns or open fraudulent credit card accounts. Social Security numbers can be used to create a false identification for someone who commits a crime, impairing the victim’s ability to gain employment or obtain a loan. It goes without saying that cybercrimes can have a significant negative financial impact on it victims, as well as cause severe emotional distress.
Victims of the breach can take a variety of measures to protect themselves as discussed below.
What You Should Do
If you received a data breach notice letter from Labette Health, you should take certain steps to safeguard your identify. We recommend the following:
- Enroll in the free credit monitoring service provided by Labette Health.
- Get your free credit report from annualcreditreport.com, and check for any accounts or charges you don’t recognize.
- Check the monitoring application regularly to see if your data has been compromised or if your data is being used for fraudulent purposes;
- Consider placing a free credit freeze. A credit freeze makes it harder for someone to open an account in your name.
- Try to file your taxes early, before a scammer can. Tax identity theft happens when someone uses your Social Security number to get a tax refund or a job. Respond right away to letters from the IRS.
- Don’t believe anyone who calls and says you’ll be arrested unless you pay for taxes or debt — even if they have part or all of your Social Security number, or they say they’re from the IRS.
- Change your online passwords and security questions;
- Regularly review your credit card and bank account statements for signs of suspicious activity;
- Monitor your credit report for any unexpected changes that may be a sign of identity theft;
- Contact one of the major credit bureaus to request they add a fraud alert to your profile; and
- Immediately notify your banks and credit card companies if you identify any suspicious activity
What Else Should You Do?
Data breach victims may be able to seek compensation through a class action. Class actions are frequently filed against companies that are breached. While these cases sometimes go to trial, most data breach class actions settle and provide a variety of benefits to class members. These benefits may include additional years of credit and identity monitoring, compensation for time spent responding to the breach, reimbursement for any losses from fraud related to the breach or nominal damages. If you want to learn more about data breach class actions and how you can participate in one against Labette Health, you should contact a data breach attorney as soon as possible.
Sign up with us below to pursue this or to find out more information: