« Information Technology
  

Henry Ford Health to Pay Settlement in Data Breach Lawsuit

The settlement comes more than a year after the March 2023 data breach.

By Jeff Wardon, Jr., Assistant Editor


Cyberattacks of all types are not only dangerous, but they are also increasingly common and costly. Henry Ford Health faced these in the fallout from a data breach in 2023 and the resulting class action lawsuit filed against them. 

Henry Ford Health agreed to a $700,000 settlement over a data breach class action lawsuit, according to court records. The lawsuit came after the healthcare organization began notifying individuals in July 2023 affected by a March 2023 data breach, which may have involved their compromised protected health information. Some of the individuals filed a class action lawsuit against Henry Ford Health in July 2023, alleging that the organization was responsible for the incident since they didn’t properly protect the information. While Henry Ford Health agreed to settle, they haven’t admitted to any wrongdoing in the case.  

The March 2023 data breach was the result of a phishing attack on the organization, as some of the patient information was contained in affected email boxes. 

Related: Healthcare Cyber Incidents by the Numbers

Phishing attacks such as the one Henry Ford Health experienced are growing more common. In fact, a survey from Spacelift says 94 percent of respondents experienced phishing attacks in 2023.  The report also revealed: 

  • 95 percent of data breaches were driven by financial motivations. 
  • 74 percent of phishing attacks that succeeded were somewhat due to human error. 
  • In Q3 2023, 493.2 million phishing attacks were documented, which was up from 180.4 million from Q2 2023. 
  • Among the security managers surveyed, 91 percent were not confident about the efficacy of standard security training. 
  • Since ChatGPT’s release in November 2022, the number of phishing emails has increased by 1,265 percent. 

With the prevalence and risks of phishing, healthcare facilities must know how to detect and protect themselves from these attacks. The U.S. Federal Trade Commission (FTC) recommends four ways to shield oneself from phishing attempts: 

  • Protect computers by making use of security software and set it to update automatically. 
  • Protect cell phones by setting their software to update automatically. 
  • Protect accounts by setting up multi-factor authentication (MFA), which requires two or more credentials to log in to an account. These extra credentials come in three types: 
    • Something one knows (such as a passcode, PIN or a security question answer) 
    • Something one has (such as a one-time verification passcode received via text, email or an authenticator app) 
    • Something one is (such as a fingerprint, retina or face scan) 
  • Protect data by backing it up, both on computers and cell phones. 

Jeff Wardon, Jr., is the assistant editor for the facilities market. 



October 30, 2024


Topic Area: Information Technology , Security

Recent Posts

Wesley Rehabilitation Center Specializes in Patients from Design to Care

Barge knew that patients were at the core of the design process.

Casa Colina Center for Disorders of Consciousness Officially Opens

New program addresses critical need for patients with severe brain injuries.

Legionella Detected at Michigan Health Facility

Case follows a similar finding of Legionnaires’ disease in a former patient.

Crystal Spring Tower Opens at Carilion Roanoke Memorial Hospital

The new cardiovascular institute improves access and care across the region.

Hospital Evacuation Highlights Importance of Emergency Preparedness

Berger Hospital was evacuated after smoke was discovered in the basement.

 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.