Two pharmaceutical companies have been slammed with a lawsuit after they suffered a cyberattack that exposed the private health information of more than half-a-million of its clients.
Plaintiff Kelvin James filed the proposed class action lawsuit against drug wholesale company Cencora Inc. and its subsidiary The Lash Group LLC on May 30 in a Pennsylvania federal court, alleging negligence and breach of implied contract.
Cencora, formerly known as AmerisourceBergen, is a drug wholesale company and Lash Group, its subsidiary, connects creators of pharmaceutical products with providers who care for patients.
James is suing the pair after they were allegedly hit with a “massive and preventable” cyberattack, discovered Feb. 21, 2024, which exposed the data of at least 540,000 of their customers.
James says the cyberattack targeted customers’ private health information on the companies’ information network, including full name, date of birth, health diagnosis, medications and prescriptions.
It was negligence that led to the cybercriminals infiltrating the companies’ inadequately protected network servers and accessing the highly sensitive information, James alleges.
“Defendants disregarded the rights of [James and the class] by intentionally, willfully, recklessly, and/or negligently failing to take and implement adequate and reasonable measures to ensure that [their private information] was safeguarded,” the lawsuit states.
James says the companies put consumers further at risk by neglecting to inform them of the breach until more than three months after it was discovered.
He says, while they claim to have discovered the breach as early as Feb. 1, 2024, they did not inform victims of the data breach until May 17.
James claims he and other victims were “wholly unaware of the data breach” until they received letters informing them of it.
According to the Cencora lawsuit, James says he and others have suffered from the data breach and will continue to suffer harm.
James is a patient with the companies, and therefore provided them with his name, date of birth, and full health, insurance, and financial information. He says he’s normally very careful with his data, however he trusted the companies to protect it.
“James would not have entrusted his Private Information to Defendants had he known of Defendants’ lax data security policies,” the lawsuit says.
James says, after the data breach his credit score was damaged, he had suffered suspicious unauthorized account openings and transactions and lost time checking his accounts.
This lawsuit is the latest in a wave of lawsuits Cencora has faced in the wake of the data breach, Bloomberg reports. At least four other lawsuits have been filed in the past several weeks.
In the Cencora Lash Group data breach class action lawsuit, James seeks to represent a nationwide class of patients whose information was compromised in the Cencora Lash Group data breach. He alleges negligence, breach of implied contract, and unjust enrichment, seeking damages, legal fees, and a court order mandating enhanced cybersecurity measures from the companies involved.
Case Details
Plaintiffs' Attorneys
Loading...
Injury Claims keeps you informed about lawsuits large and small that could affect your daily life. We simplify the complexities of class actions lawsuits, open class action settlements, mass torts, and individual cases to ensure you understand how these legal matters could impact your rights and interests.
If you think a recent legal case might affect you, action is required. Select a class action lawsuit or class action settlement, share your details, and connect with a qualified attorney who will explain your legal options and assist in pursuing any compensation due. Take the first step now to secure your rights.