Dakota Eye Institute Data Breach Settlement Offers Up to $6,000 in Compensation
Thousands of patients affected by a 2023 data breach at the Dakota Eye Institute in North Dakota may be eligible for compensation of up to $6,000 as part of a $1 million settlement. The breach, which occurred on October 31, 2023, exposed sensitive personal information, including Social Security numbers, leaving patients vulnerable to identity theft and fraud.
A class-action lawsuit alleged that the institute failed to implement adequate cybersecurity measures to prevent the incident. While Dakota Eye Institute denied wrongdoing, it agreed to the settlement to resolve the claims. Affected individuals can file for reimbursement of out-of-pocket expenses, such as bank fees, credit monitoring costs, and fraud-related losses, with payouts ranging from $1,000 for standard expenses to $5,000 for extraordinary losses, such as identity theft.
Additionally, class members are entitled to two years of free credit monitoring (including $1 million in fraud insurance) or a $45 cash payment in lieu of monitoring. The final cash amount may vary based on the number of claims filed. To qualify, affected patients must submit documentation of their losses, such as receipts or bank statements, by the January 12, 2025 deadline.
The incident follows similar breaches involving Continuum Health and Consensus Medical Group, where patients’ data was also compromised. Claims for those cases must be filed by March 2, 2025, with compensation of up to $5,000 available.
Source: https://www.the-sun.com/money/15761195/americans-act-now-payment-data-breach-settlement/
DAKOTA EYE INSTITUTE, P.C. cybersecurity rating report: https://www.rankiteo.com/company/dakota-eye-institute-p.c.
"id": "DAK1768052018",
"linkid": "dakota-eye-institute-p.c.",
"type": "Breach",
"date": "10/2023",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Thousands of patients',
'industry': 'Healthcare',
'location': 'North Dakota',
'name': 'Dakota Eye Institute',
'type': 'Healthcare Provider'}],
'customer_advisories': 'Affected individuals can file claims for compensation '
'and receive credit monitoring services.',
'data_breach': {'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personal information',
'Social Security numbers']},
'date_detected': '2023-10-31',
'description': 'Patients of Dakota Eye Institute could receive up to $6,000 '
'from a $1 million settlement after a data breach on October '
'31, 2023, exposed personal information, including Social '
'Security numbers, leaving them at risk of identity theft.',
'impact': {'data_compromised': 'Personal information, including Social '
'Security numbers',
'financial_loss': '$1,000,000 (settlement amount)',
'identity_theft_risk': 'High',
'legal_liabilities': 'Class action lawsuit'},
'lessons_learned': 'Failure to implement reasonable cyber security measures '
'can lead to data breaches and legal liabilities.',
'post_incident_analysis': {'root_causes': 'Lack of reasonable cyber security '
'measures'},
'recommendations': 'Implement robust cyber security measures to prevent data '
'breaches and protect sensitive patient information.',
'references': [{'source': 'Class action lawsuit documents'}],
'regulatory_compliance': {'legal_actions': 'Class action lawsuit'},
'response': {'enhanced_monitoring': 'Two years of free credit monitoring '
'services for affected individuals'},
'title': 'Dakota Eye Institute Data Breach Settlement',
'type': 'Data Breach',
'vulnerability_exploited': 'Lack of reasonable cyber security measures'}