Caly Children’s Hospital in San Francisco, California, outso…
Caly Children’s Hospital in San Francisco, California, outsourced the storage of patients’ personal information to a third-party vendor SecureMed. Hackers accessed SecureMed’s cloud storage, exfiltrated the personal information of Caly’s patients, and then encrypted the information left on SecureMed’s servers. Hackers then requested a ransom from SecureMed related to the Caly data. SecureMed paid the ransom, but the patients’ personal information was not returned. The patients sued Caly Children’s Hospital. Are the patients likely to be successful in their lawsuit against the hospital?