PIH Health Facing Lawsuit Over December 2024 Ransomware Attack

The lawsuit alleges negligence, invasion of privacy and other complaints stemming from the ransomware attack.

By Jeff Wardon, Jr., Assistant Editor


A ransomware attack on December 1 stalled operations across three of PIH Health’s hospitals as hackers stole reportedly up to 17 million patient records, including confidential medical and personal data.  During the attack, the hackers allegedly made negotiations in exchange for a decryption key. 

As a result of the cyberattack, a man from Whittier, California, is suing PIH for allegedly not keeping his confidential information safe from hackers, Pasadena Star-News reports. The lawsuit seeks unspecified damages for negligence, invasion of privacy and other complaints stemming from the ransomware attack. At the time of publication, PIH has yet to comment on the lawsuit. 

Ransomware attacks are costly to healthcare facilities, not only legally, but also in terms of their literal financial impacts, down time and reputational damage. 

According to The State of Ransomware in Healthcare 2024 published by Sophos, 65 percent of ransom demands were for $1 million or more, and 35 percent were for $5 million or more. The median payment was $1.5 million, and the average payment was $4.4 million out of 99 organizations surveyed that admitted to paying the ransom. 

Down time can hamper a healthcare facility’s operations or bring them to a standstill. According to a study from Comparitech, down time varied from minimal disruption to months long. On average, healthcare organizations lost nearly 14 days to down time, with each year varying from 2.6 days in 2018 to 18.71 days in 2023. 

However, not even a healthcare facility’s reputation can escape being damaged. An example of this is the Change Healthcare cyberattack, as Errol Weiss, chief security officer at Health-ISAC, previously told Healthcare Facilities Today. The cyberattack on Change Healthcare was because the organization hadn’t put multifactor authentication (MFA) in place to a remote desktop access portal, allowing attackers to use stolen credentials to access the organization’s systems. 

While Change Healthcare is a provider of revenue and payment cycle management, it’s a critical part of the healthcare supply chain. Regardless of a cyberattack hitting the supply chain or an actual facility, it will impact the quality of caregiving and overall operability of a healthcare facility. Eventually, this can erode the public’s trust and make their opinions toward healthcare organizations unfavorable. 

These costs can weather away at the public perception of healthcare if they aren’t addressed immediately. There are key areas healthcare organizations and facilities can focus on to protect themselves from cyberattacks and ransomware, according to Weiss: staying up to date on security patches, backing up systems and data, and using MFA. 

Jeff Wardon, Jr., is the assistant editor for the facilities market. 



January 8, 2025


Topic Area: Information Technology , Security


Recent Posts

The Future of Healthcare Facility Construction Projects

Brian Cowperthwaite highlights the invisible work that impacts everyone who walks through a healthcare facility.


Ground Broken on Jupiter Medical Center's Second Hospital

The 53,000-square-foot hospital will include 29 inpatient beds, four operating rooms, 24-hour emergency services, a diagnostic laboratory and imaging services.


Singing River Health System Ensnared by Data Breach

Through an investigation, on February 10, 2026, SRHS learned that the unauthorized party had accessed certain SRHS files that contained patient information.


Partnering on Personnel: Strategies for Success

Environmental services in healthcare have special staffing circumstances. They must meet stringent compliance standards and maintain accreditations.


Kaiser Permanente Opens First Two Medical Offices in Northern Nevada

These are part of its joint venture with Renown Health.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.