Greater Rochester Independent Practice Association Settles MOVEit Data Breach Litigation
Greater Rochester Independent Practice Association has agreed to settle litigation stemming from the May 2023 MOVEit data breach, which exposed patient information held by the New York-based physician network. The settlement resolves claims brought against GRIPA under the wave of lawsuits that followed the widespread MOVEit file-transfer vulnerability.
Why this matters: MOVEit was not one breach. It was hundreds, hitting healthcare organizations, government agencies, and financial firms in a single campaign. GRIPA is one more item on that list, and the people affected are patients who had no say in how their medical information was stored or transferred. Settlements like this close the legal file, but they rarely cover what it actually costs someone when their health data gets out. The deeper issue is that healthcare networks keep using third-party file tools with serious security gaps, and patients keep absorbing the risk.
Who should care: Cybersecurity · Privacy officers · Administrators · Lawyers · Compliance · Healthcare professionals
This summary is AI-assisted and may contain errors. It is an original briefing to help you gauge significance quickly — not a reproduction of the source. Always read the linked original before relying on it. See our methodology.