The US medical supplies company Solara suffered an incident in 2019 which reportedly affected more than 114,000 patients and also some of its employees. The breach involved personal identifying information (PII) and protected health information (PHI), where cyber criminals had accessed Solara’s Microsoft Office 365 accounts. Solara’s investigation confirmed that the accessed email accounts contained PII and PHI including names, dates of birth, billing and claims information, health insurance information, medical information, financial account information, social security numbers, driver’s licenses, state IDs, credit/debit card information, passwords/pins or account logins, Medicare/Medicaid IDs, and passport numbers. Solara has agreed to a USD 9.76 million class action settlement, which terms can be found here. A final hearing in the settlement will be held in September 2022.
