San Diego-based Scripps Health has agreed to pay more than $3.5 million dollars to victims of a massive data breach last year that compromised the personal information of more than one million patients, CBS 8 reports.
The May 1, 2021 ransomware attack crippled the healthcare company’s computer system. In the breach, hackers obtained customers’ health information and personal financial data and placed more than one million people at risk of identity theft.
Scripps’ computer system was impacted for nearly a month as the company scrambled to prevent additional data breaches from occurring.
Since the breach, Scripps’ customers whose information was obtained began filing class action lawsuits against the healthcare provider.
In recent months, Scripps and attorneys for the patients have agreed to end the lawsuit.
As part of the agreement, Scripps Health has agreed to pay $3.57 million in “minimum cash settlements” of $100 for each plaintiff. In addition, the healthcare company will pay up to $7,500 to those whose identities were stolen and who qualified for, according to the settlement, “extraordinary out-of-pocket expenses.”
In addition, Scripps has also agreed to provide credit monitoring and identity theft protection to the nearly 1.2 million people who joined the lawsuit. Read more.
