Ed Treleven reports:
UnityPoint Health, which operates Meriter Hospital in Madison, delayed reporting a data breach and falsely told patients that information stolen during the breach did not include their Social Security numbers, according to a federal class-action lawsuit filed Friday.
The lawsuit, filed in U.S. District Court in Madison, concerns a reported data breach discovered by UnityPoint in February that may have compromised patient data as far back as Nov. 1. The lawsuit states that the breach was the result of a “phishing attack” of employee email accounts that compromised the protected health information of at least 16,429 people.
Read more on Madison.com.