A $4.4 million class action settlement has been issued in a data breach lawsuit against Sea Mar Community Health Centers, Inc., the largest community health center network on the West Coast. The lawsuit says that a malware infection in Sea Mar’s IT system that happened two years ago led to the records of about 678,000 patients who got medical care at 23 clinics that Sea Mar ran being made public.
Sea Mar specializes in providing health and social services to the Latino community in Washington State. Sea Mar helps the community by offering more than 90 services, such as dental, medical, and psychiatric therapies.
The plaintiff alleged that Sea Mar violated state consumer protection laws by handling its customers’ sensitive information irresponsibly. According to the lawsuit, the healthcare facility “carelessly” maintained patient information on a computer network that was “vulnerable to cyber-attacks.” The plaintiffs claim that the defendants’ fraudulent loan applications, insurance claims, and tax filings caused them harm. In June 2021, the Supreme Court of the United States made a rule that says people who have their data stolen must show they have been hurt before they can file a lawsuit.
Sea Mar claims it did not notify patients in a timely manner because it was unaware of the data breach. Patients’ names, addresses, dates of birth, Social Security numbers, health information, and, most importantly, details about their treatments were exposed by the data breach.