Forefront Dermatology Has Agreed to Pay Nearly $4M Settlement
Table of Contents
- By Steven
- Published: Nov 23, 2022
- Last Updated: Nov 24, 2022
Forefront Dermatology has offices throughout the United States but is based out of Wisconsin. In May 2021, it suffered an enormous data breach impacting nearly 2.5 million people. Since the breach, the company has faced a lawsuit for the damage the breach caused to both customers and employees. November 21, 2022, the company agreed to pay out $3.75 million as a settlement so it could resolve the class action lawsuit it faced.
How Did the Attack Occur?
The original data breach that took place in May 2021 occurred as a result of inadequate data protection practices. The lawsuit stated the company never employed an appropriate data security method to protect the data the company held onto. Hackers were able to access the information of 2.4 million people, including both patent information and that of the company's employees.
What Information Was Viewed or Stolen?
The hacker that found the information in Forefront Dermatology retrieved information on both patients and some employees. The information involved includes:
- Names and birth dates
- Any address that was on file
- Dates the patient received services
- Account numbers and patient identification numbers
- Medical record identification numbers
- Names of any providers seen
- Specific medical treatment details
- And more
Thankfully, there was no proof that the hacker accessed financial information, driver’s license info, or any social security numbers.
How Did Forefront Dermatology Admit to the Breach?
As part of the settlement, Forefront Dermatology did not admit they did anything wrong. However, they wanted the class action lawsuit resolved, so they agreed to pay out. Anyone that was part of the class action lawsuit can possibly receive credit monitoring services for up to two years, plus they may be eligible to get some documented losses reimbursed for up to $10,000 per individual. They are also allowing class action lawsuit members to submit their claims for lost time. Each individual can request up to five hours at an hourly rate of $25/hour.
What Will Become of the Stolen Information?
Health companies have been the long-standing targets of hackers, and this company is no different. However, no signs currently point to the hacker using or selling the information. Shortly after Forefront Dermatology began notifying patients of the breach, they also warned patients to monitor their statements carefully. The company asked people to read through every statement they received, both from the company and their health insurance providers, to ensure no inaccurate services appeared on their bills.
What Should Affected Parties Do in the Aftermath of the Breach?
For individuals who worry they were part of the initial breach, investing in identity monitoring services is the best course of action. This service provides notifications any time personal data shows up in places it should not, such as the dark web.
Those who were part of the class action lawsuit should reach out to their attorney and find out the best method to receive the compensation they may be entitled to. It may not be a lot, but it gives you the peace of mind that your information is being securely monitored.
