Bloomberg Law
March 11, 2021, 4:07 PMUpdated: March 11, 2021, 9:38 PM

Centene Sues Accellion Over Data Exposed in Hack (Correct)

Mike Leonard
Mike Leonard
Legal Reporter

Centene Corp. sued Accellion Inc. in Delaware on Thursday over a January cyberattack on the cloud data company’s “file transfer appliance,” demanding it cover costs associated with the exposure of confidential information belonging to patients of insurer Health Net LLC, a Centene subsidiary.

Despite the “clear requirements” of its indemnification agreement with Centene, Accellion “has refused to bear responsibility” for expenses stemming from the hack, including the costs of remediation, mitigation, notification, credit monitoring, regulatory reporting, and attorneys’ fees, the complaint says.

The lawsuit adds to Accellion’s mounting legal troubles in the wake of the data breach, which compromised the data of fewer than a third of the 300 clients using the FTA software, according to a company press release.

The hack’s victims include law firms Goodwin Procter LLP and Jones Day. Accellion is alreadyfacing multiple proposed consumer class actions.

Centene’s suit, filed in Delaware Chancery Court, requests unspecified damages for the costs of responding to the attack. It seeks an order requiring Accellion to hold it “harmless” for any legal claims and forcing the data security company to submit to audits of its compliance with their contracts.

Cause of Action: Breach of contract.

Relief: Damages, costs, fees, interest, and specific performance of the indemnification provision.

Response: Accellion declined to comment Thursday.

Attorneys: Centene is represented by Skadden, Arps, Slate, Meagher & Flom LLP.

The case is Centene Corp. v. Accellion Inc., Del. Ch., No. 2021-0206, complaint filed 3/11/21.

(Corrects the number of clients affected by the hack in the third paragraph.)

To contact the reporter on this story: Mike Leonard in Washington at

To contact the editors responsible for this story: Rob Tricchinelli at; Steven Patrick at