A leading U.S. health system suffered a large-scale data breach. While the initial attack was limited to food and beverage point of sales systems, the cyber criminals were able to expand their attack deeper into the client’s network, gaining access to the personally identifiable information (PII) of over 3 million patients. As a result, a class action lawsuit was brought against the client for inadequate protection of the plaintiff’s data.
Our team provided data breach response and investigative services due to our interdisciplinary approach to the collection of information housed on the dark web as well as our ability to paint a broader picture of the information that is currently available and correlate the data to show intersections and patterns.
Our dark web information was leveraged to determine if the named plaintiffs were impacted by unrelated data breaches and the extent of information included in those breaches. Our analysis enabled counsel to discount the plaintiff claims.