US Health Insurer Premera Blue Cross Accused of Destroying Evidence in Data Breach Lawsuit (zdnet.com) 72
Catalin Cimpanu, reporting for ZDNet: The plaintiffs of a class-action lawsuit against health insurance provider Premera Blue Cross are accusing the organization of "willfully destroying" evidence that was crucial for establishing accurate details in a security breach incident. In court documents filed last week obtained by ZDNet, plaintiffs claim that Premera intentionally destroyed a computer that was in a key position to reveal more details about the breach, but also software logs from a security product that may have shown evidence of data exfiltration. Establishing if hackers stole data from Premera's systems is crucial for the legal case. Breach victims part of the class-action will be to claim a right for monetary compensation, while Premera may argue that since hackers did not steal data from its servers, there is no tangible harm to victims. The class-action lawsuit is in connection to a March 2015 announcement. Back then, Premera announced that hackers breached its systems and gained access to computers holding the personal and medical data of over 11 million Americans.
Of course (Score:1)
Re: (Score:3)
Re: (Score:2)
Ok, I get it. The article says, "Breach victims part ...". I thought the word "victims" was a noun, and "part" was a verb, as in the victims were parting from something.
The word [victims] here should be [victims'] (with an apostrophe after the word, meaning possessive). So [Breach victims] describes the noun "part". So the article means "the part of the lawsuit that belongs to the breach victims".
It should be "... victims [who are] part of ...".
Re:Premera in Washington State (Score:2)
1.) Ok, you can get call records from the phone company with SMDR details (difficulty high)
2.) Hunt down ex-employees that know details of your employees getting shafted
3.) Get class action status of Bad Faith insurance
4.) Pierce corporate veil and put liens on CEO of the times personal property or trusts
Hard to believe zero claim payouts, as even one or a handful of payouts would be enough for plausible deniability so these are imbeciles if corporate America !
Cyber security lawsuit is more tenuous than bad
Re: (Score:3)
Same here. Premera paid no claims for years so we finally switched to UnitedHealthcare. United is much better since they paid the claim of one of our three employees that gave birth. 1/3 sounds bad, but it's so much better than nothing.
Re: (Score:3)
1/3 sounds bad, but it's so much better than nothing.
That must be an awful way to live. You have my sympathy.
Re: (Score:3)
My wife broke her ankle last year, and was seen immediately at the A&E by a series of well trained competent doctors and nurses.
She was then admitted and stayed in hospital for the next three weeks and had an operation.
When she did come home she had a home help person come to clean the house, and the district nurse checked on her for 6 weeks or so.
But it get worse! So much worse!
When she decided some (extra) physiotherapy was needed, I had to pay nearly $15 per session!
I
Re: Premera in which state? (Score:2)
Thatâ(TM)s why Iâ(TM)m sticking with Kaiser Permanente. Yes I have heard bad stuff about them but bad surgeries do not seem to happen more frequently than at other places. The thing that never happens with them is a giant magical bill out of nowhere. When our son was born he was premature and in breach position. We had to do an unplanned c-section and we stayed 4 days in the hospital after the surgery. The total bill was $750, in the middle of Silicon Valley. We then had daily follow ups on how to
Re: (Score:2)
Re: (Score:2)
Re: (Score:1)
2015 compensation included a base salary of $1.07 million and incentive plan payouts of $2.45 million.
A better news story would be to illuminate what the "incentive plan" is... or maybe to expose just how much $ they spend on lobbying.
Destruction of evidence (Score:3)
If it can be shown that evidence was deliberately destroyed (and yeah, that's the hard part), then there's generally a legal presumption that the evidence showed the worst possible interpretation of the case for the party which destroyed (else why destroy it?).
Of course when the evidence that they destroyed evidence has also been destroyed, and the evidence of that has been destroyed... well, you get the idea.
I believe it (Score:2)
For nearly ten years before I retired BCBS was the insurance vendor for where I worked.
After I retired I switched to their supplement plan. Four years later, even though my wife and I had made few claims, which they were very slow paying, if at all, we got a notice saying that our "group" was being canceled. So we contracted with another supplement vendor. Three months later BCBS sent us an ad telling about a new policy, which was exactly like the policy they dropped, except that it cost about 50% mor
Re: (Score:2)
Timing is everything. (Score:2)
Timeline:
- 2014, the OPM warning
- 2015, Premera announces breach
- 2015, Lawsuits filed
- 2016, One computer destroyed for end-of-life
- 2018, Plaintiffs ask for all computers *** This motion makes all computers "evidence"
- 2018, Premera gives all but destroyed
I can destroy my desktop today. It can be crucial to a lawsuit tomorrow. Today it is not evidence. It isn't evidence tomorrow, either, because I destroyed it today.
I am not compelled to preserve my desktop until served notice.
Timing is everything.
Comment removed (Score:4, Informative)
Re: (Score:2)
You wish it worked that way. You see, the computer wasn't destroyed until law suits were filld [sic].
Hold up right there.
If I receive notice of a lawsuit today, does that mean I can't replace my refrigerator?
The original lawsuit, like most at that stage, was vague in scope and did not include a motion to preserve the destroyed computer.
At no time prior to a motion to turn over all computers in 2018 were the computers sequestered by the court.
Had that been the case, we'd be reading about the criminal charges filed for destroying evidence.
Timing is everything.
Re: (Score:3)
If the refrigerator contains or is evidence relevant to the lawsuit, yes, it means exactly that.
Re: (Score:1)
And, as you admit in your post, I'd have to know that the lawsuit existed and that the fridge was relevant to that lawsuit because the lawsuit defines scope.
Does the presence of a lawsuit mean I can't sell my lawnmower?
Re: (Score:2)
Didn't work out well.
After I chopped them up, they did not respond to my efforts to manage them.
Re: (Score:1)
Destroying a HD is not illegal.
I destroyed all the hard drives I ever got rid of at work as a promise to my boss that no one could ever recover any data once they left the building.
When a HD, tablet, smart phone, other, here at home fails, it gets smashed with a 15-pound hammer.
Is it possible that someone, someday, could ask for the hard drives or other as part of discovery?
Sure.
My answer would be, "You're too late to the fucking party and you didn't even bring any goddam ice."
If asked why I didn't preserve
Re: (Score:2)
Yes, but the time after which you can no longer destroy the drives starts earlier than you believe.
Re: (Score:2)
The legal system is not a matter of faith.
"Evidence," has a definition that that describes often mundane things that become relevant only after a crime has been committed.
It was not criminal to destroy the hard drive because it was not of any interest until 2018, after it had been destroyed for an unrelated reason.
Re: (Score:2)
Re: (Score:2)
If a crime happened and your fridge was involved ...
Stop.
You did a two-step:
1.) A crime happened
2.) Fridge
That's not what happened:
1.) A computer was destroyed
2.) A motion for computer was filed
That's why timing is everything.
Re: (Score:2)
That's right, you're not from Texas [youtube.com].
Re: (Score:2)
Re: (Score:2)
Stop.
The law is not based upon speculation prior to establishment of litigation.
Any and all objects in the universe have the property that they could, individually or collectively, be evidence, and yet they are not all, at this point, evidence.
In law, there's an order of operation:
Evidence does not exist before probable cause.
I have a magnifying glass on my desk.
I could choke someone with it.
If I should do that, it would become evidence.
At this writing, I have not choked anyone with it, nor is there probabl
Re: (Score:2)
You can have your opinions about what people should do, but your thoughts are not supported by case law.
Can that really work? (Score:3)
I've worked at places that use an insanely short email retention policy to get out of e-discovery in lawsuits. One place had a 30-day retention..anything older than that and, "la la la, we have no record of the email you are attempting to recover." And apparently that works, if you have a written policy stating that you don't keep email or backups for more than X days.
But, couldn't any company just send all their computers to the metal shredder the second a lawsuit is filed using the same argument? Maybe that's how they're planning on hiding how bad their data breach was. Somehow I doubt that though...if there were no rules against destroying evidence, every computer would have a self-destruct circuit in it.
Of course no one knows what actually happened, but this totally reads like some clueless CIO getting pressure from the board and CEO to just make the problem disappear.
Re:Can that really work? (Score:5, Informative)
The short retention works for anything that happens BEFORE the lawsuit is filed. The written policy is just a way to show that anything destroyed more than 30 days before the lawsuit was just business as usual, not an attempt to destroy evidence. Once the suit is filed, the destruction must be suspended.
Re:Can that really work? (Score:4, Interesting)
The spoliation inference is a negative evidentiary inference that a finder of fact can draw from a party's destruction of a document or thing that is relevant to an ongoing or reasonably foreseeable civil or criminal proceeding: the finder of fact can review all evidence uncovered in as strong a light as possible against the spoliator and in favor of the opposing party.
E-mail/document retention policies are not a get out of jail free card.
If the company can "reasonably foreseeable" the documents will be needed, they're obliged to preserved them, lawsuit or not.
At the bare minimum, a judge will tell the jury to interpret destroyed evidence in the worst possible light for the destroyer.
In a worst case scenario, depending on your jurisdiction, destroying evidence will spawn a separate civil lawsuit or a criminal prosecution (fines and jail time).
Destroying evidence means you're stupid or hiding something much worse.
Re: (Score:1)
No one's being held accountable. (Score:3)
in prison the state pays the doctor with no claim (Score:2)
in prison the state pays the doctor with no claim bs.
Some doctors like it same pay + much less paper work.
Of course they did (Score:2)
A corparation can only be trusted to do whatever is in its best interest. Even If there are no psychopaths in its top management. The committee will always choose to do what is best for the company no matter what the law is. Its one of the reasons we need more regulation in this country. Several generations of US citizens have now been convinced that government regulation is bad. They have been convinced of this to preserve the bottom line of companies whose management closely resembles the communist p