Gary Mason Speaks with Bloomberg Law on Data Breaches

Bloomberg Law recently reported on the surge in health related data breaches. According to the report, companies handling health data are fending off more cyberattacks each year, and those that do get hacked are facing costly litigation at rapidly rising rates. “The monthly average of new class actions filed over health data breaches so far this year is nearly double the rate from 2022, according to a Bloomberg Law analysis of 557 complaints filed against companies in federal courts over the last five years,” according to Bloomberg, further noting that “many of the lawsuits seek civil damages in the millions of dollars, bolstered by claimed classes with large member numbers.”

The report then quoted Mason LLP partner Gary E. Mason who observed: “Many hospital systems and other large health-care entities also make tempting targets for cybercriminals because they have deep pockets, are well insured, and are willing to pay to resolve ransomware attacks.” 

The health industry saw the largest increase in average ransom paid last year up to more than $1.5 million, according to an annual cybersecurity report published by Baker & Hostetler LLP in April.

Defense and plaintiff attorneys couldn’t identify a new legal precedent to explain the spurt in health data breach filings. But coalescing factors including proliferating ransomware attacks, public notification rules, and growing consumer awareness of privacy issues likely combined to fuel the litigation spike, attorneys told Bloomberg Law.