Lawyers for Allentown, Pa.-based Lehigh Valley Health Network filed a court motion stating that lawyers representing a data breach lawsuit filed against them improperly downloaded patient data from the dark web in an "attempt to gain a strategic advantage in the case," The Morning Call reported July 29.
Phyllis Sumner, an attorney representing Lehigh Valley, asked a judge to issue a protective order that would classify the stolen patient data as "highly confidential," meaning it could only be shared with a limited number of people, according to the publication.
This motion comes after Patrick Howard, an attorney representing the plaintiff in the suit, acknowledged that he downloaded the patient data from the hacker's site who breached the health system back in February. Mr. Howard argued that the action was not improper and said the health system downloaded the data from the site as well.
"It's a totally frivolous allegation and likely unethical to lob at counsel who are upstanding members of the bar," Mr. Howard told the publication.
Ms. Sumner said by downloading the data, the plaintiffs are "furthering BlackCat's goal in stealing the data." BlackCat is the ransomware group that claimed responsibility for the attack on the health system, which affected 657 of its patients.
Lehigh Valley's lawyer also filed a separate motion that seeks to dismiss the case, arguing that the plaintiffs have "failed to identify specific shortcomings in the health system's security network that led to the breach."