HIPAA Journal’s Steve Alder reported on September 23 that the CorrectCare Built-in Well being knowledge breach lawsuit has been settled for $6.49 million. CorrectCare, a Kentucky-based medical claims processor for correctional amenities, skilled a cybersecurity breach between January 22, 2022, and July 7, 2022. The breach, affecting round 600,000 individuals, was not reported till November 2022.
“In July 2022, CorrectCare recognized a misconfiguration on its internet server that allowed two file directories to be accessed over the Web with out authentication,” Alder wrote.
Shub & Johns’s legal professional, Benjamin F. Johns, filed a category motion lawsuit in opposition to CorrectCare on December 7, 2022. “On September 17, 2024, Chief Decide Danny C. Reeves issued an order granting closing approval to the $6.9 million settlement,” Alder acknowledged.
Over 100,000 claims had been filed, representing about 17 p.c of the category motion swimsuit.