Another law firm gets hit….. and yes, medical info was in its files

Share on facebook
Share on twitter
Share on linkedin
Share on reddit

Today’s reminder that law firms have a wealth of personal, sensitive, and medically related info that is often not covered by HIPAA.

Coughlin & Cerhart (C&G) law firm in New York experienced a security breach in early April. It is not clear from their press release whether this was a ransomware attack or not, and has reached out to them to ask for clarification on the nature of the attack, but for now, and of note:

What Information Was Involved? C&G determined that the information impacted by this event varied by individual but may include certain individuals’ names, addresses, Social Security numbers, driver’s license numbers, passport numbers, financial account information, medical information, and health insurance information

Their full press release can be found here.

Read more