On August 11, 2022, MJH Life Sciences (“MJH”) reported a data breach with the Attorney General of Massachusetts. While MJH Life Sciences has not yet confirmed what types of information were compromised, based on the state data breach reporting requirements, it is likely that the information included either Social Security numbers, protected health information, or financial account information. After confirming the breach and identifying all affected parties, MJH Life Sciences began sending out data breach letters to all affected parties.
If you received a data breach notification, it is essential you understand what is at risk and what you can do about it. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the MJH Life Sciences data breach, please see our recent piece on the topic here.
What We Know About the MJH Life Sciences Data Breach
The information about the MJH Life Sciences data breach comes from a letter the company filed with the Massachusetts Attorney General’s office. According to the most recently available information, MJH recently learned that the company was the victim of a cyberattack affecting the MJH network. In response, MJH secured its systems, contacted law enforcement, and worked with a cybersecurity firm to investigate the incident.
Upon discovering that sensitive consumer data was accessible to an unauthorized party, MJH Life Sciences began the process of reviewing all affected files to determine what information was compromised and which consumers were impacted by the incident. While MJH did not elaborate on what led to the breach or the type of data leaked as a result, the fact that the company reported the breach likely means that the information was sensitive in nature.
On August 11, 2022, MJH Life Sciences sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.
More Information About MJH Life Sciences
MJH Life Sciences is a healthcare media business based in Cranbury, New Jersey. The company releases publications designed to inform and educate practitioners in a variety of fields, including oncology, primary care, specialty care, pharmacy, industry sciences, and more. A few of MJH Life Sciences publications include:
MJH Life Sciences employs more than 115 people and generates approximately $23 million in annual revenue.
When Is a Company Legally Responsible for a Data Breach?
U.S. data breach and consumer protection laws require companies to protect the consumer information in their possession. However, even when a company takes significant efforts—and especially when they do not—data breaches still happen. In some cases, companies that experience an otherwise preventable data breach may be liable for consumers’ losses related. However, just because a business gets hacked and the information in its possession ends up in the hands of cybercriminals doesn’t mean that the company is financially liable. Ultimately, data breach cases come down to whether a company was negligent leading up to the breach.
The framework of almost any negligence case requires a victim to prove the following:
The company owed the consumer a duty of care;
The company violated the duty of care owed to the consumer;
The company’s negligent actions caused or contributed to the data breach; and
The consumer suffered legally recognizable harms as a result of the breach.
When it comes to storing consumer data, there are several ways that a company might be negligent. However, most data breaches involving a company’s negligence are caused either by a company failing to employ an adequate data security system or failing to train employees on how to safely care for consumer data. For example, companies should implement phishing training courses for employees to help them recognize fraudulent emails that may appear to be legitimate. Similarly, organizations should continually assess their data security systems to ensure they are up-to-date and protect against the most recent trends in cyberattacks.
Companies that fail to take their data security obligations seriously increase the chances of a data breach. Data breach victims who want to learn more about their rights and whether they may be able to bring a data breach class action lawsuit should reach out to a data breach attorney for assistance.