$100 Million awarded Since 1994 6,000 Satisfied Clients

Posted On August 26, 2022 Consumer Privacy & Data Breaches

Data Breach Alert: Baton Rouge General

NOTICE: If you received a NOTICE OF DATA BREACH letter from Baton Rouge General, contact the attorneys at Console & Associates at (866) 778-5500 to discuss your legal options, or submit a confidential Case Evaluation form here.

Data Breach AlertAugust 26, 2022 – Recently, Baton Rouge General posted a notice on its website announcing that the hospital experienced a data breach stemming from what appears to have been a ransomware attack. Based on an official filing from the company, the incident resulted in an unauthorized party gaining access to patients’ sensitive information; however, the Baton Rouge general page did not specify which data types were compromised. However, according to another news outlet, the ransomware attackers posted evidence of exfiltrated data, including personal and protected health information. Once Baton Rouge General confirms which patients were affected and what data was subject to unauthorized access, the hospital indicates it will begin sending out data breach notification letters to all individuals who were impacted by the recent incident.

If you receive a data breach notification, it is essential you understand what is at risk. The data breach lawyers at Console & Associates, P.C. are actively investigating the Baton Rouge General data breach on behalf of people whose information was exposed. As a part of this investigation, we are providing free consultations to anyone affected by the breach who is interested in learning more about the risks of identity theft, what they can do to protect themselves, and what their legal options may be to obtain compensation from Baton Rouge General.

What We Know So Far About the Baton Rouge General Breach

According to an official notice filed by the hospital, on June 28, 2022, Baton Rouge General detected suspicious activity across its computer systems. In response, the hospital worked with third-party cybersecurity specialists to investigate the incident. This investigation revealed that there was unauthorized access to its network between June 24, 2022 to June 29, 2022. Baton Rouge General also confirmed that the unauthorized actors had access to sensitive patient data as a result of the attack.

Upon discovering that sensitive consumer data was accessible to an unauthorized party, Baton Rouge General then began the process of reviewing the affected files to determine what information was compromised and which consumers were impacted. This review is still underway. Baton Rouge General stated that it would send out data breach letters to all individuals whose information was compromised as a result of the recent data security incident once its review is complete.

However, since the hospital posted the “Notice of Data Event” on its website, Hive, a well-known and prolific ransomware gang, took credit for the attack and started posting stolen data on the group’s leak site. Evidently, the exfiltrated data includes patients’ personal and protected health information, including “mental health updates to courts, batched billing for named patients with named diagnostic tests from LabCorp, some employee health records, ACH records going back to 2009, and scanned pdfs of patient files with demographic and medical information, such as patient intake forms for pain management at Baton Rouge Rehab Hospital.”

Despite this, Baton Rouge General’s notice continues to state that it “is unaware of any actual or attempted misuse of information in relation to the incident.”

More Information About Baton Rouge General

Founded in 1900, Baton Rouge General is a healthcare system in Baton Rouge, Louisiana. Baton Rouge General operates three main campuses, as well as several dozen clinics throughout the area and the Regional Burn Center. Baton Rouge Hospital, through all its offices and affiliates practices, provides the following services to patients:

  • Behavioral Health
  • Birth Center
  • Bone Health
  • Burn Care
  • Cancer Care
  • Cardiovascular Care
  • Dermatology
  • Emergency Services
  • Gastroenterology
  • Neurosciences
  • OB/GYN Services
  • Orthopedics
  • Pediatrics
  • Primary/Urgent Care
  • Radiology & Imaging
  • Rehabilitation & Therapy
  • Surgery

Baton Rouge General employs more than 3,500 people and generates approximately $513 million in annual revenue.

If You Have Questions About Your Rights Following the Baton Rouge General Data Breach, Console & Associates, P.C. Can Help

At Console & Associates, P.C., our consumer privacy lawyers monitor all security and data breaches to help affected consumers pursue their legal remedies. We offer free consultations to victims of data breaches and can explain your rights in clear, understandable terms so you can make an informed decision about how to proceed with your case. If you’ve been affected by the Baton Rouge General data breach or any other data security incident, Console & Associates, P.C., will investigate your case at no charge and offer you thorough advice about how to most effectively proceed with your case. If you decide to bring a case, we only get paid if you do. If your claim is successful, any legal fees are either paid by the defendant or come out of the funds recovered from the defendant. If your claim doesn’t result in a recovery, you will pay nothing.

To schedule your free consultation, just call (866) 778-5500 today or fill out our secure contact form.

Below is a copy of the initial data breach letter issued by Baton Rouge General (the actual notice sent to consumers can be found here):

Dear [Redacted],

General Health System (“GHS”) recently discovered an incident that may have impacted the privacy of information related to certain individuals. While GHS is unaware of any actual or attempted misuse of information in relation to the incident, it is providing potentially affected individuals with information about the incident and steps individuals may take to help protect against the possible misuse of your information.

What Happened?

On June 28, 2022, GHS became aware of suspicious activity related to certain GHS computer systems. GHS immediately launched an investigation, with the assistance of third-party forensic specialists, to determine the nature and scope of the activity. Through the investigation, it was determined that there was unauthorized access to GHS’s network between June 24, 2022 to June 29, 2022. The unauthorized actor had the ability to access certain directories while on the network. Therefore, GHS is undertaking a comprehensive review of the contents of the directories determined to be at risk to assess what sensitive information was contained within them and to whom the information related. GHS’s review is ongoing and once completed GHS intends to mail notice letters to potentially affected individuals.

What Information Was Involved?

The contents of the potentially affected directories are being reviewed to determine what sensitive data was contained therein. Once the review is complete, GHS intends to send notice letters to affected individuals that detail the specific information related to them that could have been accessed.

How Will Individuals Know If They Are Affected By This Incident?

GHS is currently undertaking a comprehensive review of the contents of the directories determined to be at risk to assess what sensitive information was contained within them and to whom the information related. This review is ongoing and once completed, GHS intends to notify the potentially affected individuals via mailed notification letters. If your data is impacted, the letter you receive will state what information related to you could have been accessed.

What You Can Do.

GHS encourages individuals to remain vigilant against incidents of identity theft and fraud by reviewing your account statements and monitoring your credit reports for any unauthorized or suspicious activity. You can also review the “Steps Individuals Can Take to Help Protect Personal Information” below for further guidance.

For More Information.

We understand individuals may have questions about the incident that are not addressed in this notice. If you have questions, please call 855-939-4252 Monday through Friday from 8:00 a.m. to 8:00 p.m. Central Time, excluding holidays. You may also write to GHS at 8595 Picardy Avenue, Suite 100, Baton Rouge, LA 70809.

NOTICE: If you received a NOTICE OF DATA BREACH letter from Baton Rouge General, contact the attorneys at Console & Associates at (866) 778-5500 to discuss your legal options, or submit a confidential Case Evaluation form here.