Law Firm Investigates Banner Health Data Breach
Earlier this month, Banner Health confirmed that cyber attackers had gained access to its servers. Late last week, class action law firm Keller Rohrback announced it was investigating reports that indicated nearly 3.7 million patients, health plan members, beneficiaries, food and beverage customers and physicians may have had their personal information exposed.
The hackers initially focused their attack on the payment cards used at Banner Health food and beverage outlets. They stole payment card information, including cardholder names, card numbers, expiration dates and verification codes. However, the criminals may have hacked other servers, and stole patient and health plan information, including names, addresses, birth dates, doctor and service information, and social security numbers.
A list of potentially breached locations can be found on Banner’s website. Most of the locations are in Arizona.
One of areas of concern for Keller Rohrback is the time it took the company to notify people of the potential breach. The attack occurred between June 17, 2016 and July 7, 2016, but it took over a month for employees and patients to be notified.
“Banner Health’s patient and client information should have received greater protection and notifications should have occurred immediately upon learning of this attack. There is a fundamental breakdown when accessed credit card information at a food outlet can lead to a hacker also accessing highly confidential patient information,” said Keller Rohrback attorney Amy Hanson.
The law firm asks anyone who may have been affected to contact firstname.lastname@example.org.