American Addiction Centers Inc. negligently failed to protect the personal information of more than 400,000 people that was exposed in a September ransomware attack and data breach, a proposed federal class action said.
Lead plaintiff Athena Luth alleged that American Addiction breached its duties under common law, contract law, industry standards, the Health Insurance Affordability and Portability Act, and the Federal Trade Commission Act to implement reasonable and adequate data-security measures designed to identify malicious activity and alert administrators and engineers.
Information exposed in the incident included names, Social Security numbers, dates of birth, medical-record numbers, medical-treatment information, health-insurance information, ...
Learn more about Bloomberg Law or Log In to keep reading:
Learn About Bloomberg Law
AI-powered legal analytics, workflow tools and premium legal & business news.
Already a subscriber?
Log in to keep reading or access research tools.