West Virginia University Medical Corporation Breach
Table of Contents
- By Steven
- Sep 08, 2022
The West Virginia University Medical Corporation is the subject of a proposed class action lawsuit following a digital attack and subsequent data breach. Former employees of the organization insinuate that it failed to compensate employees after the recent data breach adequately. The breach occurred in December of 2021. Let's take a closer look at the data breach, the ensuing lawsuit, and the potential ramifications of information theft.
What was the Breach?
The data breach compromised West Virginia University's internal data systems. In particular, the breach sabotaged the organization's payroll and timekeeping systems. Ransomware hackers were behind the attack.
The ransomware specialists accessed the WVU Medical Kronos timekeeping and payroll system. This hack prevented WVU from accounting for employee hours used to calculate financial compensation based on hours worked.
It is interesting to note that WVU Medical representatives refused to reveal whether they paid the ransom. Furthermore, the organization's public relations specialists refused to provide additional details about the hack.
How did WVU Medical Respond to the Hack?
WVU Medical executives proactively addressed the problem by tapping into the expertise of digital forensics and cybersecurity specialists. The organization also recommended that its employees manually record hours to issue a pay correction at a later date.
The point of contention is the organization's reliance on the wage amounts for the pay period ending halfway through the subsequent month instead of using records. It is alleged that the digital intrusion described above ultimately resulted in the underpayment of hardworking employees.
What Information Was Exposed in the Hack?
The full names, dates of birth, Social Security numbers, current physical street addresses, and possibly even more highly sensitive information were stolen by hackers. The foundation of the victims' ensuing legal action is a claim of negligence. Negligence is a term used by lawyers and judges to refer to the failure to provide others with the appropriate amount of care. In the context of the WVU data breach, the accusation is that the personal and valuable information exposed to hackers constitutes negligence.
Why was a Lawsuit Filed in the Aftermath of the Digital Attack?
The victims of the breach insist their sensitive personal information was not only accessed by hackers but also made publicly available on affidavits, requests, and additional court documents. Those documents were allegedly made available to employers, public notaries, and county clerks' offices.
The legal complaint filed with the court accuses the defendant of negligence stemming from the exposure of personal information to unauthorized parties. The breach may result in costly identity theft, financial fraud, and a cleanup process that chews up time, effort, and money.
How can Businesses and Everyday People Prevent Similar Attacks?
If you own, manage or work for a business or organization of any type, perform your due diligence in terms of digital security. Even if you simply have a home computer, adding the latest digital protections is in your interest to safeguard your significant tech investment.
Tap into the power of our industry-leading digital security solutions, and you'll surf the entirety of the web without worry, compute without consternation, and get the most out of the money you spend on technology.