Slashdot Mirror
US Health Insurer Premera Blue Cross Accused of Destroying Evidence in Data Breach Lawsuit (zdnet.com)
Catalin Cimpanu, reporting for ZDNet: The plaintiffs of a class-action lawsuit against health insurance provider Premera Blue Cross are accusing the organization of "willfully destroying" evidence that was crucial for establishing accurate details in a security breach incident. In court documents filed last week obtained by ZDNet, plaintiffs claim that Premera intentionally destroyed a computer that was in a key position to reveal more details about the breach, but also software logs from a security product that may have shown evidence of data exfiltration. Establishing if hackers stole data from Premera's systems is crucial for the legal case. Breach victims part of the class-action will be to claim a right for monetary compensation, while Premera may argue that since hackers did not steal data from its servers, there is no tangible harm to victims. The class-action lawsuit is in connection to a March 2015 announcement. Back then, Premera announced that hackers breached its systems and gained access to computers holding the personal and medical data of over 11 million Americans.
Insurance companies are leaches on society. Are you really surprised they'd engage in such behavior?
1.) Ok, you can get call records from the phone company with SMDR details (difficulty high)
2.) Hunt down ex-employees that know details of your employees getting shafted
3.) Get class action status of Bad Faith insurance
4.) Pierce corporate veil and put liens on CEO of the times personal property or trusts
Hard to believe zero claim payouts, as even one or a handful of payouts would be enough for plausible deniability so these are imbeciles if corporate America !
Cyber security lawsuit is more tenuous than bad faith of insureds paying in.
http://www.aisnota.com/slashdot/ Welcome to Logic and the Future
Same here. Premera paid no claims for years so we finally switched to UnitedHealthcare. United is much better since they paid the claim of one of our three employees that gave birth. 1/3 sounds bad, but it's so much better than nothing.
If it can be shown that evidence was deliberately destroyed (and yeah, that's the hard part), then there's generally a legal presumption that the evidence showed the worst possible interpretation of the case for the party which destroyed (else why destroy it?).
Of course when the evidence that they destroyed evidence has also been destroyed, and the evidence of that has been destroyed... well, you get the idea.
-- Alastair
1/3 sounds bad, but it's so much better than nothing.
That must be an awful way to live. You have my sympathy.
It's really is awful.
My wife broke her ankle last year, and was seen immediately at the A&E by a series of well trained competent doctors and nurses.
She was then admitted and stayed in hospital for the next three weeks and had an operation.
When she did come home she had a home help person come to clean the house, and the district nurse checked on her for 6 weeks or so.
But it get worse! So much worse!
When she decided some (extra) physiotherapy was needed, I had to pay nearly $15 per session!
I know !!
For nearly ten years before I retired BCBS was the insurance vendor for where I worked.
After I retired I switched to their supplement plan. Four years later, even though my wife and I had made few claims, which they were very slow paying, if at all, we got a notice saying that our "group" was being canceled. So we contracted with another supplement vendor. Three months later BCBS sent us an ad telling about a new policy, which was exactly like the policy they dropped, except that it cost about 50% more. We have received several ads from them since but all are immediately sent to file 13.
Running with Linux for over 20 years!
Ok, I get it. The article says, "Breach victims part ...". I thought the word "victims" was a noun, and "part" was a verb, as in the victims were parting from something.
The word [victims] here should be [victims'] (with an apostrophe after the word, meaning possessive). So [Breach victims] describes the noun "part". So the article means "the part of the lawsuit that belongs to the breach victims".
It should be "... victims [who are] part of ...".
Did you mount a military-grade, variable-focus MASER on an unlicensed artificial intelligence?
Timeline:
- 2014, the OPM warning
- 2015, Premera announces breach
- 2015, Lawsuits filed
- 2016, One computer destroyed for end-of-life
- 2018, Plaintiffs ask for all computers *** This motion makes all computers "evidence"
- 2018, Premera gives all but destroyed
I can destroy my desktop today. It can be crucial to a lawsuit tomorrow. Today it is not evidence. It isn't evidence tomorrow, either, because I destroyed it today.
I am not compelled to preserve my desktop until served notice.
Timing is everything.
It little behooves the best of us to comment on the rest of us.
I've worked at places that use an insanely short email retention policy to get out of e-discovery in lawsuits. One place had a 30-day retention..anything older than that and, "la la la, we have no record of the email you are attempting to recover." And apparently that works, if you have a written policy stating that you don't keep email or backups for more than X days.
But, couldn't any company just send all their computers to the metal shredder the second a lawsuit is filed using the same argument? Maybe that's how they're planning on hiding how bad their data breach was. Somehow I doubt that though...if there were no rules against destroying evidence, every computer would have a self-destruct circuit in it.
Of course no one knows what actually happened, but this totally reads like some clueless CIO getting pressure from the board and CEO to just make the problem disappear.
Until the entire board of directors and everyone with a C*O in their title goes to prison for shit like this, nothing will change in the corporate world. Pissy little fines that barley make a blip on the bottom line will do nothing, and that's probably all that will happen AGAIN.
--- Keep the choice with the user..
in prison the state pays the doctor with no claim bs.
Some doctors like it same pay + much less paper work.
A corparation can only be trusted to do whatever is in its best interest. Even If there are no psychopaths in its top management. The committee will always choose to do what is best for the company no matter what the law is. Its one of the reasons we need more regulation in this country. Several generations of US citizens have now been convinced that government regulation is bad. They have been convinced of this to preserve the bottom line of companies whose management closely resembles the communist party of Russia. Look at how they elect their leaders and who decides who is on the boards. Doesn't look like democracy in any way.
Meanwhile, I hope that all private insurance companies get caught with their pants down, and ideally ruined. If enough of them hang, maybe support for a public option or Medicare-for-all will increase. Kick 'em to the curb.
Fine them something they can't pay, say the max of $50,000 per case. Then nationalize them, or put them under state control after the fines bankrupt them. Make them a test case for a public option.
2015 compensation included a base salary of $1.07 million and incentive plan payouts of $2.45 million.
A better news story would be to illuminate what the "incentive plan" is... or maybe to expose just how much $ they spend on lobbying.
Thatâ(TM)s why Iâ(TM)m sticking with Kaiser Permanente. Yes I have heard bad stuff about them but bad surgeries do not seem to happen more frequently than at other places. The thing that never happens with them is a giant magical bill out of nowhere. When our son was born he was premature and in breach position. We had to do an unplanned c-section and we stayed 4 days in the hospital after the surgery. The total bill was $750, in the middle of Silicon Valley. We then had daily follow ups on how to feed a premature baby, free, including the seringues and tubing. Sometimes, rarely, they charge us more than we are supposed to for a visit and then they mail us a check without even us asking or mentioned ning anything. So Iâ(TM)m actually less worried about medical malpractice there, since the doctors have no incentives to do useless exams or surgery, they are less stressed because they donâ(TM)t have to deal with external insurance paperwork, and I never have to worry about a magical high bill in the mail.
For anyone who believes the U.S. government is capable of doing healthcare I just recommend they look at the VA. The VA is what everyone's healthcare would look like if there was one payer in the U.S.