On May 13, 2022, Cleveland, Ohio-based motion and control technology manufacturer Parker-Hannifin Corp. reported to the U.S. Department of Health and Human Services (“HHS”) a hacking incident involving a network server containing sensitive information of nearly 120,000 members of its employee group health plan. The incident is the largest HIPAA breach reported by a health plan that has been posted on the HHS OCR website in 2022.
According to Parker-Hannifin, an unauthorized third party gained access to and may have acquired “certain files” on Parker’s IT systems between March 11, 2022 and March 14, 2022. The affected files are believed to include information related to current and former employees, their dependents and members of Parker’s Group Health Plans, including health plans sponsored by an entity acquired by Parker.
Potentially affected information includes names, Social Security numbers, dates of birth, addresses, driver’s license numbers, U.S. passport numbers, financial and banking account information, online account usernames/passwords, health insurance plan member ID numbers, and dates of coverage. For some individuals, the information may also include dates of coverage, dates of service, provider names, claims information, and medical and clinical treatment information.
On March 31, 2022, Conti ransomware actors claimed they had been behind the attack and leaked data stolen in the Parker-Hannifin incident
If you received a notification letter that your personal information was impacted by the breach (or if you are a current or former member of the Parker-Hannifin employee group health plan but did not receive the letter), Goldenberg Schneider, LPA would like to discuss your legal rights and options.
You can contact Goldenberg Schneider, LPA by calling 513-982-1569 or you may complete the contact information form below.