Former Nuance Employee Arrested After Geisinger Data Breach Exposed 1.2 Million Records

Share This Post

Pennsylvania healthcare provider Geisinger is facing a class action lawsuit after a former Nuance employee accessed the personal information of more than 1.2 million individuals in November 2023.

Geisinger discovered the data breach in late November and immediately notified Nuance – a Microsoft-owned company – that “a former Nuance employee had accessed certain Geisinger patient information two days after the employee had been terminated,” the company said in an incident notice. The employee’s access to the data was immediately terminated.

The information that was potentially accessed and stolen, the healthcare provider said, included names, addresses, dates of birth, phone numbers, race, gender, admit and discharge or transfer codes, and medical record numbers.

“No claims or insurance information, credit card or bank account numbers, other financial information, or Social Security numbers were inappropriately accessed by the company’s former employee,” Geisinger said.

According to the company, Nuance is notifying individuals potentially impacted by the incident, and the former employee – Max Vance, aka Andre J. Burke – has been arrested and indicted.

Geisinger said notifications to impacted individuals were delayed at the request of law enforcement agencies investigating the incident.

Last month, Geisinger informed the U.S. Department of Health and Human Services that 1,276,026 individuals were affected by the data breach.

Last week, a federal class action lawsuit was filed against Geisinger in the U.S. Middle District Court of Pennsylvania for failing to properly secure patients’ personal and health information. The plaintiff, James Wierbowski, seeks damages of more than $5 million.

Advertisement. Scroll to continue reading.

Recently acquired by Kaiser Permanente’s non-profit charitable organization Risant Health, Geisinger operates 134 care sites across Pennsylvania, including 10 hospital campuses, and has over 26,000 employees.

Related: 300k Affected by Year-Old Data Breach at Florida Community Health Centers

Related: Prudential Financial Data Breach Impacts 2.5 Million

Related: Neiman Marcus Data Breach Disclosed as Hacker Offers to Sell Stolen Information

Related: Data Breach Victims Sue Rhode Island Transit Agency, Insurer

This post was originally published on this site

More Articles
Article

Navigating SEC Regulations In Cybersecurity And Incident Response

Free video resource for cybersecurity professionals. As 2024 approaches, we all know how vital it is to keep up to date with regulatory changes that affect our work. We get it – it’s a lot to juggle, especially when you’re in the trenches working on an investigation, handling, and responding to incidents.

Report

Harassment or bullying behavior
Contains mature or sensitive content
Contains misleading or false information
Contains abusive or derogatory content
Contains spam, fake content or potential malware

Block Member?

Please confirm you want to block this member.

You will no longer be able to:

  • See blocked member's posts
  • Mention this member in posts
  • Invite this member to groups
  • Message this member
  • Add this member as a connection

Please note: This action will also remove this member from your connections and send a report to the site admin. Please allow a few minutes for this process to complete.

Report

You have already reported this .