DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Rehoboth McKinley Christian Health Care Services settles data breach litigation for undisclosed amount

Posted on February 22, 2023 by Dissent

Rehoboth Mckinley Christian Health Care Services (“RMCHCS”) in New Mexico has reportedly settled litigation stemming from a ransomware attack that DataBreaches first reported in February 2021. Although Conti ransomware threat actors had added the health care service to their leak site and leaked some patients’ protected health information as proof of claims, there was nothing disclosed by RMCHCS at the time.

On May 19, the service posted a notice on its website and notified 209,280 patients. Their notification did not address whether they had paid any ransom or not.

According to the settlement terms reported by Top Class Actions, RMCHCS admits no wrongdoing. No total settlement amount has been disclosed. Class members can receive up to $500 for “ordinary” data breach losses including bank fees, communication expenses, credit-related costs, and up to four hours of lost time at a rate of $15 per hour. Class members who experienced any “extraordinary” data breach expenses, including unreimbursed monetary losses caused by identity theft or fraud, are eligible to receive an additional $3,500 in reimbursement if they have supporting documentation.

The case is Charlie, et al. v. Rehoboth McKinley Christian Health Care Services, Case No. 21-652 SCY/KK, in the U.S. District Court for the District of New Mexico.

For more details and deadlines, see the official settlement website at RehobothDataSettlement.com. 

DataBreaches notes one of the terms of the settlement:

New Practices: RMCHCS has implemented security-related improvements related to its cybersecurity since the Data Breach. RMCHCS agrees to provide Plaintiffs with information
regarding these improved security-related measures implemented by RMCHCS no later than 60 days after execution of the Settlement Agreement.

DataBreaches hopes these will not be just “we retrained employees to be careful” kinds of improvements.

According to HHS’s public breach tool, its investigation of the incident remains open.


Related:

  • Two more entities have folded after ransomware attacks
  • British institutions to be banned from paying ransoms to Russian hackers
  • Data breach feared after cyberattack on AMEOS hospitals in Germany
  • Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks
  • Premier Health Partners issues a press release about a breach two years ago. Why was this needed now?
  • Authorities released free decryptor for Phobos and 8base ransomware
Category: Breach IncidentsCommentaries and AnalysesHealth DataMalware

Post navigation

← Activision did not notify employees of data breach for months
Thoughts on Dubin v. United States and the Aggravated Identity Theft Statute →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Scattered Spider is running a VMware ESXi hacking spree
  • BreachForums — the one that went offline in April — reappears with a new founder/owner
  • Fans React After NASCAR Confirms Ransomware Breach
  • Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack (1)
  • Infinite Services notifying employees and patients of limited ransomware attack
  • The safe place for women to talk wasn’t so safe: hackers leak 13,000 user photos and IDs from the Tea app
  • Au: Qantas hackers gave airline 72-hour deadline
  • Honeywell vulnerability exposes building systems to cyber attacks
  • Recent public service announcements of note — parents should take special note of these
  • Au: Junior doctor faces fresh toilet spying charges as probe widens to other major hospitals

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Microsoft’s controversial Recall feature is now blocked by Brave and AdGuard
  • Trump Administration Issues AI Action Plan and Series of AI Executive Orders
  • Indonesia asked to reassess data privacy terms in new U.S. trade deal
  • Meta Denies Tracking Menstrual Data in Flo Health Privacy Trial
  • Wikipedia seeks to shield contributors from UK law targeting online anonymity
  • British government reportedlu set to back down on secret iCloud backdoor after US pressure
  • Idaho agrees not to prosecute doctors for out-of-state abortion referrals

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.
Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report