CareSource Hit with Class Action After Member Info Was Exposed During MOVEit Data Breach
Last Updated on October 1, 2024
Willis v. CareSource
Filed: September 13, 2023 ◆§ 3:23-cv-00264
CareSource is one of the latest healthcare entities to face a proposed class action in the wake of the May 2023 MOVEit data breach.
CareSource is one of the latest healthcare entities to face a proposed class action in the wake of the May 2023 MOVEit data breach, a major international cyberattack that compromised the systems of many organizations that use the file transfer service.
Want to stay in the loop on class actions that matter to you? Sign up for ClassAction.org’s free weekly newsletter here.
The 46-page suit accuses CareSource, one of the country’s largest Medicaid managed care plans, of failing to safeguard the sensitive data of more than three million people, including minors. Per the case, the ransomware gang behind the MOVEit data breach was able to access CareSource member names, addresses, dates of birth, genders, Social Security numbers, and medical and health insurance information. According to the case, CareSource used MOVEit’s file transfer service to “share data to manage your benefits.”
Related Reading: 2023 MOVEit Data Breach Lawsuits
The complaint says that although CareSource claims to have been made aware of the cyberattack on the file transfer vendor on May 31, 2023 and patched the affected software on June 1, it was not until around August 24 that the company began notifying members that their data had been stolen.
According to the case, an investigation revealed that a “bad actor” did in fact access the software and copied certain data from the vendor’s server. The suit says that proposed class members’ information was accessed without authorization due in part to CareSource’s “inadequate vendor screening and security measures.”
The CareSource data breach lawsuit contends that the healthcare company was aware that the sensitive personal information in its care was a “lucrative target for hackers” yet failed to implement and maintain reasonable cybersecurity measures to protect the data.
The lawsuit looks to cover all persons whose personal or health information was compromised in the CareSource data breach, including those who received notice about the incident.
Are you owed unclaimed settlement money? Check out our class action rebates page full of open class action settlements.
Video Game Addiction Lawsuits
If your child suffers from video game addiction — including Fortnite addiction or Roblox addiction — you may be able to take legal action. Gamers 18 to 22 may also qualify.
Learn more:Video Game Addiction Lawsuit
Depo-Provera Lawsuits
Anyone who received Depo-Provera or Depo-Provera SubQ injections and has been diagnosed with meningioma, a type of brain tumor, may be able to take legal action.
Read more: Depo-Provera Lawsuit
How Do I Join a Class Action Lawsuit?
Did you know there's usually nothing you need to do to join, sign up for, or add your name to new class action lawsuits when they're initially filed?
Read more here: How Do I Join a Class Action Lawsuit?
Stay Current
Sign Up For
Our Newsletter
New cases and investigations, settlement deadlines, and news straight to your inbox.
Before commenting, please review our comment policy.