Dozens of sufferers of a premier Manhattan plastic surgeon had their hacked nude pictures and social safety numbers posted on-line — and the physician did not notify each his shoppers and the authorities, in accordance with a category motion lawsuit.
Dr. Richard Swift’s workplace, positioned on the monied Higher East Facet, was hacked in an alleged malware assault final yr, with a Russian-hosted web site that includes delicate data of at the least 22 sufferers, the swimsuit claims.
Linda Qutawna was one of many shoppers, alleging that pictures of her breasts as a part of a session have been hacked and printed on-line — and she or he solely discovered when the hackers reached out to her immediately.
Qutawna, who first contacted Swift’s workplace in 2023 to take away breast implants, advised The Put up that the expertise has been “traumatizing” and “humiliating.”
“He simply didn’t wish to take any accountability or acknowledge it, and even reassure us… That’s the naked minimal that we have been searching for,” she stated. “However he didn’t.”
The lawsuit blames Swift’s “inadequately protected laptop methods” for the hack and alleges that the surgeon “failed to stick to his statutory responsibility to alert his sufferers that his agency suffered from a knowledge breach.”
The doc additionally “ignored repeated requests for data from [Qutawna],” courtroom papers declare.
As well as, lawyer Daniel S. Szalkiewicz alleged that Swift by no means knowledgeable Lawyer Common Letitia James’ workplace concerning the knowledge breach, as required by legislation.
James’ workplace confirmed to The Put up on Thursday that Swift has not reported any knowledge breach.
Qutawna claims within the swimsuit that she was advised to ship nude pictures of her “uncovered breasts” to the workplace by way of electronic mail.
She then scheduled a surgical procedure to take away the implants, however later canceled it previous to transferring out of state.
In July 2025, an electronic mail arrived in Qutawna’s inbox with the topic line: “Your images from Richard Swift MD have been printed,” in accordance with the swimsuit.
The message contained three nude pictures she emailed the workplace two years earlier, and a hyperlink to a now-offline web site.
That website additionally contained affected person names, social safety numbers, medical and monetary data — and bare pictures of sufferers, together with of their breasts and genitalia, Qutawna claims.
“I used to be terrified and overwhelmed,” she stated, “as a result of as soon as these pictures and your figuring out data are on the market, you don’t know who has them or how they’ll be used.”
At first, the positioning had 16 affected person recordsdata, however quickly it grew to 22 people, in accordance with the swimsuit.
Attorneys for Swift insisted in a submitting that “Linda Qutawna has by no means had a doctor-patient relationship, or every other type of relationship, with Dr. Swift.”
And since Swift by no means made a promise to inform her of any knowledge breach, it was not “actionable deception” when she was left at midnight, lawyer Justin Kelton stated within the courtroom papers.
When contacted by The Put up, Swift’s workplace declined to remark — and promptly hung up.
Nevertheless, one other plastic surgeon advised The Put up that Swift’s declare is “complete bulls–t.”
“A session establishes the doctor-patient relationship.”
Kelton didn’t reply to The Put up’s repeated requests for remark.
Qutawna stated she contacted Swift’s workplace twice to ask a couple of attainable breach and what actions they have been taking, however acquired no response.
Three different victims Qutawna spoke with stated they’d additionally not acquired any details about the breach, the swimsuit alleges.
Szalkiewicz stated Swift “induced immense hurt” by not alerting sufferers.
“What’s worse is that the physician then ignored pleas for assist,” the lawyer stated.
The location wasn’t taken down till mid-September, Qutawna claimed.
“We expect that he was mainly simply gonna kick the can down the street for so long as he may, and simply faux it by no means occurred,” she stated.
“When a health care provider mishandles your most intimate data, it undermines the one place the place you’re required to be weak and belief that you simply’re going to be protected.”
