Class Action Filed Over UConn Health Data Breach That Could Have Affected 326,000 Patients
New London resident Yoselin Martinez alleges in a prospective class action lawsuit that her bank account was compromised soon after she learned about a data breach at the University of Connecticut Health Center. She is suing the health center for unspecified monetary damages.
March 26, 2019 at 01:46 PM
4 minute read
The first lawsuit stemming from February's announcement that a University of Connecticut Health Center data breach could have affected 326,000 current and former patients has been filed in federal court.
The putative class action lawsuit, filed March 18 on behalf of New London resident Yoselin Martinez, alleges the health center notified those affected months after the fact and also states the center could have done more to prevent the breach.
The 31-page lawsuit states, “UConn disregarded the rights of plaintiff and class members by intentionally, willfully, recklessly, or negligently failing to take adequate and reasonable measures to ensure its data systems were protected.”
The lawsuit said the health center announced Feb. 25, nearly two months after the breach was identified, that a hacker had gained access to a number of employee email accounts through a phishing attack that subsequently exposed the personal data of the current and former health center patients. The exposed personal information, the lawsuit says, included patients' names, date of birth, addresses, medical information and Social Security numbers.
According to the lawsuit, credit bureau Experian found in a study that the average total cost of medical identity theft is about $20,000 per incident, and that a majority of victims of medical identity theft were forced to pay out-of-pocket costs for health care they did not receive in order to restore coverage.
Martinez alleges shortly after being notified of the breach she checked her bank account, which had been overdrawn. Upon speaking with a bank representative, the lawsuit says, Martinez was informed that the charge was a result of a fraudulent transaction on her account.
“In addition to the fraudulent activity currently affecting Ms. Martinez as a result of the breach, she will continue to be at heightened risk for financial fraud and identity theft and their attendant damages for years to come,” the lawsuit says.
The lawsuit maintains there were major problems with the health center's security protocols from the get-go.
“The deficiencies in defendants' data security protocols were so significant that the breach likely remained undetected for months,” the suit says. “Intruders, therefore, had months to access, view, and steal patient data unabated. … Timely action by UConn would likely have significantly reduced the consequences of the breach.”
The lawsuit seeks at least $5 million in damages. It also seeks designation as a class and that the health center implement improved security procedures and measures.
Delker Vardilos, the health center's interim health information officer, said Tuesday the center does not comment on pending litigation.
The lawsuit did include the health center's statement last month after it announced the breach.
That statement reads: “UConn Health recently learned that an unauthorized third-party illegally accessed a limited number of employee email accounts. Upon learning of the incident, we immediately took action, including securing the impacted accounts to prevent further unauthorized access and confirming the security of our email system. We also notified law enforcement and retained a leading forensic security firm to investigate and conduct a comprehensive search for any personal information in the impacted email accounts.”
Representing the plaintiff are Brian Murray of Glancy Prongay & Murray and Jean Sutton Martin of North Carolina-based Morgan & Morgan. Neither attorney responded to a request for comment Tuesday.
As of Tuesday, the health center had not assigned an attorney to the matter.
The lawsuit cites six counts, including negligence, breach of contract and invasion of privacy.
Judge Vanessa Bryant is scheduled to hear the case.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
NOT FOR REPRINT
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
You Might Like
View AllFederal Judge Blocks New Hampshire Law Banning Transgender Girls From School Sports
4 minute readSupreme Court Denies Oklahoma's Emergency Bid for Withdrawn Family Planning Funds
Venue Fight: CooperSurgical Plaintiffs Push for Multidistrict Litigation
3 minute readTrending Stories
Who Got The Work
Dechert partners Andrew J. Levander, Angela M. Liu and Neil A. Steiner have stepped in to defend Arbor Realty Trust and certain executives in a pending securities class action. The complaint, filed July 31 in New York Eastern District Court by Levi & Korsinsky, contends that the defendants concealed a 'toxic' mobile home portfolio, vastly overstated collateral in regards to the company's loans and failed to disclose an investigation of the company by the FBI. The case, assigned to U.S. District Judge Pamela K. Chen, is 1:24-cv-05347, Martin v. Arbor Realty Trust, Inc. et al.
Who Got The Work
Arthur G. Jakoby, Ryan Feeney and Maxim M.L. Nowak from Herrick Feinstein have stepped in to defend Charles Dilluvio and Seacor Capital in a pending securities lawsuit. The complaint, filed Sept. 30 in New York Southern District Court by the Securities and Exchange Commission, accuses the defendants of using consulting agreements, attorney opinion letters and other mechanisms to skirt regulations limiting stock sales by affiliate companies and allowing the defendants to unlawfully profit from sales of Enzolytics stock. The case, assigned to U.S. District Judge Andrew L. Carter Jr., is 1:24-cv-07362, Securities and Exchange Commission v. Zhabilov et al.
Who Got The Work
Clark Hill members Vincent Roskovensky and Kevin B. Watson have entered appearances for Architectural Steel and Associated Products in a pending environmental lawsuit. The complaint, filed Aug. 27 in Pennsylvania Eastern District Court by Brodsky & Smith on behalf of Hung Trinh, accuses the defendant of discharging polluted stormwater from its steel facility without a permit in violation of the Clean Water Act. The case, assigned to U.S. District Judge Gerald J. Pappert, is 2:24-cv-04490, Trinh v. Architectural Steel And Associated Products, Inc.
Who Got The Work
Michael R. Yellin of Cole Schotz has entered an appearance for S2 d/b/a the Shoe Surgeon, Dominic Chambrone a/k/a Dominic Ciambrone and other defendants in a pending trademark infringement lawsuit. The case, filed July 15 in New York Southern District Court by DLA Piper on behalf of Nike, seeks to enjoin Ciambrone and the other defendants in their attempts to build an 'entire multifaceted' retail empire through their unauthorized use of Nike’s trademark rights. The case, assigned to U.S. District Judge Naomi Reice Buchwald, is 1:24-cv-05307, Nike Inc. v. S2, Inc. et al.
Who Got The Work
Sullivan & Cromwell partner Adam S. Paris has entered an appearance for Orthofix Medical in a pending securities class action arising from a proposed acquisition of SeaSpine by Orthofix. The suit, filed Sept. 6 in California Southern District Court, by Girard Sharp and the Hall Firm, contends that the offering materials and related oral communications contained untrue statements of material fact. According to the complaint, the defendants made a series of misrepresentations about Orthofix’s disclosure controls and internal controls over financial reporting and ethical compliance. The case, assigned to U.S. District Judge Linda Lopez, is 3:24-cv-01593, O'Hara v. Orthofix Medical Inc. et al.
Featured Firms
Law Offices of Gary Martin Hays & Associates, P.C.
(470) 294-1674
Law Offices of Mark E. Salomone
(857) 444-6468
Smith & Hassler
(713) 739-1250