Class Action Filed in Wake of ReproSource Fertility Diagnostics Data Breach

New to ClassAction.org? Read our Newswire Disclaimer

ReproSource Fertility Diagnostics, Inc. faces a proposed class action over an August 2021 data breach that reportedly affected more than 350,000 patients.

According to the 52-page lawsuit, the fertility testing company has failed to implement reasonable data security measures to protect patients’ personal information—including names, mail and email addresses, dates of birth, Social Security numbers, health insurance billing information and treating physician details—from unauthorized access. Moreover, the case contends that ReproSource unreasonably delayed notifying those whose information was compromised in the breach, and offered what the suit calls “woefully inadequate” relief in the form of only 12 months of identity monitoring services that require consumers to disclose additional personally identifiable information.

Per the case, the defendant disregarded patients’ privacy rights by “intentionally, willfully, recklessly, or negligently” failing to safeguard their information. The lawsuit relays that the company’s failure to protect patient information is “especially egregious” given ReproSource operates in a field that has been frequently targeted by cybercriminals.

According to the lawsuit, ReproSource provides a variety of fertility diagnostics to patients across the country, and in the process collects their personally identifiable information. The suit says the defendant learned in August 2021 that an unauthorized party had gained access to its network on which patients’ data was stored. Though the data breach took place on August 8, ReproSource waited until October to notify those whose information may have been compromised, according to the complaint.

The case claims ReproSource has offered “no explanation” for the delay in notifying potential victims of the data breach, who allegedly suffered additional harm that could have been avoided had a timely disclosure been issued.

Moreover, the lawsuit claims ReproSource’s data breach notice was “woefully deficient” in that it failed to provide certain details about the incident, including how the unauthorized parties were able to gain access to the company’s system, whether the sensitive information was encrypted, how the breach was discovered, whether it was system-wide, whether servers storing information were accessed and how many patients were affected.

The case posits that the data breach may have been prevented had ReproSource implemented cybersecurity protocols recommended by the U.S. government and Microsoft Threat Protection Intelligence Team.

“These are basic, common-sense email security measures that every business, not only healthcare businesses, should be doing,” the complaint scathes. “ReproSource, with its heightened standard of care should be doing even more. But by adequately taking these common-sense measures, ReproSource could have prevented this Data Breach from occurring.”

The suit goes on to criticize the defendant’s offer of 12 months of credit monitoring, calling the measure “ineffective” for those whose information was compromised. According to the case, patients would be required to disclose their personal information in order to use the services despite the fact that ReproSouce “had just demonstrated it could not be trusted” with the sensitive data. The lawsuit further stresses that while some harm has already been done, “the worst may be yet to come” given there is often a delay between when private information is acquired and when it is used.

According to the suit, victims of the breach have been exposed to “an impending, imminent, and ongoing increased risk of fraud, identity theft, and other misuse of their Private Information.”

The lawsuit looks to represent anyone whose private information was compromised as a result of the ReproSource Fertility Diagnostics data breach discovered around August 10, 2021 and was sent notice of the data breach.

Get class action lawsuit news sent to your inbox – sign up for ClassAction.org’s newsletter here.