If you’re one of tens of thousands of Scripps Health patients who found a postcard in the mail offering at least $100, don’t throw it out! It’s not a scam. It’s your class action settlement claim letter from last year’s ransomware attack.
A Scripps Health spokesman wouldn’t say how much the health system is shelling out to make this lawsuit go away. But a preliminary settlement agreement posted on the Scripps Data Breach Settlement Website says the health system will pay at least $3.5 million to affected patients.
The lawsuit stems from a paralyzing ransomware attack on Scripps Health about a year and a half ago, back in late April and early May of 2021.
In a statement, Scripps had said a hacker somehow accessed stores of patient data– potentially comprising identifying and medical information for more than 147,000 Scripps Health patients. Scripps healthcare providers were forced to rely on paper records for weeks.
Within months, at least four class action lawsuits were swiftly filed against Scripps Health for failing to protect patient information from cyber attackers. Those suits combined forces and reached a settlement this year, which a judge preliminarily approved.
So what does all this mean for you?
If you get one of these postcards or letters, you have until March 23rd to visit www.scrippssettlement.com and submit your claim. You can also choose to object or exclude yourself from the settlement — but your deadline to do that is a little sooner, on March 8th.
All impacted patients can claim at least $100 without proving any financial loss due to the data breach. But if you believe you’ve suffered damages as a result of the ransomware attack, you can file a claim for up to $7,500. And whether you file a claim or throw it away, you are still eligible for 36 months of cyber credit monitoring on Scripps’ tab.
So many folks were impacted by this, and several of our own coworkers here at NBC San Diego got these postcards in the mail, including photojournalist Paul Makarushka. Fortunately, he hasn’t suffered any identity theft, at least not yet, but he knows that doesn’t mean he’s out of the clear.
“I want to make sure that nothing happens in the future,” said Makarushka. “That’s actually one of my big concerns, is that the people who stole all this information are holding on to it. And selling it, and moving it from one place to the next. So maybe nothing happened in 2021, and nothing happened in 2022. I need to be careful in 2023.”
Scripps Health is a $3.1 billion dollar private not-for-profit health system, according to its website. It serves about 700,000 patients a year and operates four acute care hospitals in the San Diego area.