21st Century Oncology faces lawsuits after breach
In the wake of an October 2015 breach, four class-action lawsuits have been filed in U.S. District Court against Fort Myers-based 21st Century Oncology for failure to adequately protect patient data, according to an article in the Bradenton Herald. The plaintiffs are seeking $15 million in relief.
The FBI notified 21st Century Oncology of the data breach on Nov. 13. If the intruder was able to access the provider's database, he or she would have seen patients' personal information including names, Social Security numbers, physicians' names, diagnoses, treatment information and insurance information.
"Millions of 21st Century data breach victims have lost control of sensitive information that endangers their financial, medical and emotional well-being for the rest of their already-burdened lives," said the complaint filed on March 21.
About 2.2 million people could be members of the designated class, according to a complaint filed on March 23 on behalf of plaintiffs Jim Bimonte and Mary Ann Rodriguez.
Exhibits filed in the case indicate that the 2015 breach is not the first time 21st Century Oncology has experienced issues with cybersecurity, according to the article.
Between Oct. 11, 2011, and Aug. 8, 2012, a 21st Century Oncology Services employee accessed patient personal information and was later criminally charged. According to the case documents, the employee "used it and/or intended to use it in order to file fraudulent tax returns with the Internal Revenue Service."