DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Personal Touch and Crossroads Technologies sued after Maze Team attack

Posted on April 12, 2020 by Dissent

As reported by TopClassActions:

A former patient says that home health provider Personal Touch failed to protect patients and customers from a ransomware attack on their computerized records.

The hospital ransomware class action lawsuit was filed by plaintiff Lugenia Booker, who says that her personal information was included in the computer records of Personal Touch Holding Corp. Personal Touch runs a group of subsidiaries nationwide that provide home health care services in a range of states. Co-defendant Crossroads Technologies manages Personal Touch’s sensitive information in cloud-based computer storage, the complaint says.

The Personal Touch Ransomware Class Action Lawsuit is Case No. 1:20-cv-00583-CCC, in the U.S. District Court for the Middle District of Pennsylvania, Reading Division.

DataBreaches.net has reported on the Crossroads Technologies/Personal Touch breach several times since January. Booker’s complaint appears to be pretty much boilerplate language. I didn’t find any specific details in it that would support some of the claims. But what we are seeing more and more seems to be the argument that an entity is guilty of negligence because they had a breach even after the FBI and/or HHS warned entities about the increased risk of breaches of this kind, etc.  That argument seems to assume that knowing you are at risk means you can do something to actually prevent a breach and are somehow negligent if you didn’t prevent it.  That’s an untenable position, or should be. Did Crossroads Technologies make mistakes or fail to update and patch promptly, resulting in the breach or contributing to it?  We don’t know at this point.  So far, the biggest mistake I think Personal Touch made is that they don’t appear to have offered those affected any credit monitoring and identity theft restoration services. Given that they know that some data was dumped publicly and that they know Maze acquired even more data than was dumped, why didn’t they offer those affected any services?

This is not the only federal case in which Lugenia Booker is a plaintiff. Her name also appears in dockets for two cases in the Southern District of New York for litigation stemming form 9/11. Those cases are still open.

 

Related posts:

  • More details emerge on one of Maze Team’s victims
  • NY: Personal Touch Holding Corp. hit by ransomware attack at MSP, more than 750,000 affected
  • More Maze Team victims are revealed
  • Personal Touch Holding settles NY Attorney General’s lawsuit stemming from 2021 ransomware incident: will pay $350k, improve security
Category: Breach IncidentsHealth DataMalwareU.S.

Post navigation

← New Wiper Malware impersonates security researchers as prank
Saint Francis Ministries Will Be Notifying Patients of Breach →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.