Florida Insurance Commissioner Michael Yaworsky suspended the certificate of authority of Mirra Health LLC after confirming that the company disclosed the sensitive data of more than 23,000 Florida Medicare Advantage enrollees to unlicensed offshore companies without...

A settlement in the case of Batin et al. v. Akeela, Inc. related to a June 2023 data breach has received preliminary approval from the Superior Court for Anchorage, Alaska. Case Background and Procedural History The litigation follows a previously reported agreement...

The U.S. Food and Drug Administration has designated a Class II recall for specific GE HealthCare Centricity medical imaging products due to a vulnerability that could allow unauthorized access to system credentials, with potential impacts on data integrity and system...

Essen Medical Associates decided to settle a class action litigation for $4,000,000. A cyberattack occurred in  March 2023 that impacted 904,672 current and former patients. Incident Overview Essen Medical Associates, a New York-based healthcare provider, experienced...

Proliance Surgeons agreed to a proposed $4,450,000 class action settlement resolving litigation related to a February 2023 data security incident that exposed patient information and affected hundreds of thousands of individuals. Data Security Incident and Litigation...

General Physician, P.C. has agreed to pay $2.5 million to resolve a class action lawsuit related to a 2024 cybersecurity incident that exposed patient information stored in its systems. Incident Timeline and Unauthorized Access The cybersecurity incident involved...

Compassion Health Care has agreed to a class action settlement of up to $600,000 related to a cybersecurity incident identified on or around March 17, 2025 that involved unauthorized access to protected health information (PHI) of approximately 23,600 individuals....

QualDerm Partners has confirmed a data breach affecting 1,088,993 individuals following a cybersecurity incident involving unauthorized access to its network environment. Incident Overview QualDerm Partners reported that it experienced a cybersecurity incident that...

A proposed class action settlement has been reached in Rogers, et al., v. Des Moines Orthopaedic Surgeons, P.C. over a February 2023 data security incident affecting patients' personal information, and the court-approved notice outlines monetary relief options and...

Sedgwick Government Solutions confirmed that an unauthorized party accessed an isolated file transfer system and that a ransomware group publicly claimed theft of data, triggering incident response actions. Incident Confirmation Sedgwick Government Solutions (SGS)...

Top of the World Ranch Treatment Center (TWRTC) paid $103,000 to the U.S. Department of Health and Human Services’ Office for Civil Rights to settled a potential HIPAA Security Rule violation and will implement required corrective actions. HIPAA Security Rule...

Texas Attorney General Ken Paxton has launched an investigation into the Conduent Business Services data breach, which he stated could potentially be the largest healthcare data breach in United States history. Investigation Announcement Texas Attorney General Ken...

McLaren Health Care has agreed to pay $14 million to settle class action litigation related to two ransomware attacks that occurred in 2023 and 2024 resulting in data breaches. Nature Of the Incidents McLaren Health Care encountered two ransomware attacks that...

Alabama Cardiovascular Group has resolved a class-action data breach litigation as a result of a data security breach discovered on July 2, 2024. The investigators found out that an unauthorized third party got access to its system from June 6, 2024, to July 2, 2024,...

HHS has applied the annual inflation adjustment to the civil monetary penalties for violations of the HIPAA Rules effective January 28, 2026, increasing the financial penalties for covered violations. HIPAA-certified entities also need to take note of these updates....

United Seating and Mobility, dba Numotion, decided to resolve a class action litigation associated with two data security incidents in 2024. The mobility equipment provider encountered an attack involving unauthorized access to the protected health information (PHI)...

Fortune 1000 pharmacy services provider, PharMerica, decided to resolve a class action litigation associated with a hacking incident resulting in a data breach in 2023 that impacted 5.8 million people. Besides paying $5.2 million for costs and benefits, the company...

Continuum Health Alliance, a health management and patient services provider based in Marlton, NJ, has decided to settle a combined class action litigation associated with a data breach in October 2023 that impacted over 377,000 patients of its customer, Consensus...

VisionPoint Eye Center based in central Illinois agreed to settle a class action lawsuit associated with a data breach that happened on October 2024 affecting around 67,000 individuals. This eye treatment service provider confirmed that an unauthorized third party...

Hypertension Nephrology Associates (HNA) located in Willow Grove, Pennsylvania, decided to pay $625,000 to resolve a class action lawsuit associated with a January 2024 data breach. HNA discovered the unauthorized system access on February 6, 2024 after finding a...

Dermatology practice Brevard Skin and Cancer Center in Brevard, Florida, suffered a cyberattack that was first discovered on October 14, 2025. It took quick action to keep its systems secure. Third-party cybersecurity experts investigated the nature and magnitude of...

Main Line Fertility Center, located in Pennsylvania, will pay individuals for the probable impermissible disclosure of their sensitive information to third parties through website monitoring technologies. Main Line Fertility Center used third-party tracking codes and...

Precision Imaging Centers, based in Jacksonville, Florida, offers X-ray imaging, CT, MRI, PET, and ultrasound services. It faced a class action lawsuit arising from a cybersecurity incident discovered on November 2, 2022 and agreed to settle it. Hackers breached its...

Florida’s Watson Clinic decided to resolve its class action litigation associated with a January 2024 data breach that affected 280,278 persons for $10,000,000. The threat actors stole sensitive data, which included digital images, and published it on the dark web....

On October 22, 2023, First Choice Dental, which operates 12 dental clinics in Madison and Dane counties in Wisconsin, suffered a ransomware attack. The dental care provider agreed to settle the litigation arising from the data security incident. First Choice Dental...

A group of mental health and addiction recovery treatment centers in Tampa, FL, reported a security breach involving unauthorized access to patient information. Oglethorpe provides management services to health centers, wellness facilities, and specialized hospitals...

NextGen Healthcare proposed a $19,375,000 settlement to take care of a combined class action lawsuit over a ransomware attack in 2023 that impacted over one million people. The electronic health records and practice management software company discovered the attack on...

Fraser Child and Family Center decided to pay $750,000 to resolve class action litigation involving a 2024 data breach. Fraser Child and Family Center is an autism, behavioral health, mental health, and disability services provider in Minnesota. From May 30, 2024 to...

Orthopedics Rhode Island (Ortho RI) decided to settle a class action litigation over a 2024 ransomware attack for $2.9 million. Ortho RI discovered the ransomware attack on September 7, 2025 and started a forensic investigation, which confirmed unauthorized network...