Law firm representing New York hospitals forced to pay $200K over health data breach

Heidell, Pittoni, Murphy & Bach, a law firm that represented New York City area hospitals, has been forced to pay $200,000 to the state for its role in a 2021 data breach that compromised the health information of 114,000 patients.

In addition to the penalties, the law firm must take measures to enhance its cybersecurity posture. 

The attacker was able to exploit a vulnerability in HPMB's Microsoft Exchange email server, according to a March 27 New York attorney general news release.

Electronic health information, patient names, dates of birth and Social Security numbers were exposed as part of the breach.

Copyright © 2023 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars