Anyone who received a letter from PharMerica informing them that their personal information may have been involved in a data breach.
What’s Going On?
Attorneys working with ClassAction.org are investigating whether a class action lawsuit can be filed against PharMerica Corporation and parent company BrightSpring Health Services over a data breach that reportedly exposed the personal and health information of over 5.8 million individuals. But first, they need to hear from people who may have been affected.
How Could a Lawsuit Help?
A class action lawsuit could potentially help victims recover money for damages, including time spent dealing with the effects of the data breach and the cost of identity protection services. It could also force the companies to improve their cybersecurity.
What You Can Do
If you received a data breach letter from PharMerica, help the investigation by filling out the form on this page.
Attorneys working with ClassAction.org want to hear from anyone who received a letter from PharMerica stating that their data may have been compromised in a data breach.
The pharmacy services provider recently announced that an unauthorized third party had gained access to its computer systems and obtained patients’ highly sensitive data – including their names, dates of birth, Social Security numbers, medication lists and health insurance information.
It’s believed that PharMerica and parent company BrightSpring may have failed to take reasonable measures to protect patients’ information from unauthorized disclosure, thereby exposing them to a substantially increased risk of identity theft and fraud.
Now, the attorneys are investigating whether a class action lawsuit can be filed against the Kentucky-based companies to help compensate victims for any damages they’ve incurred as a result of the breach.
If you got a PharMerica data breach letter, a copy of which can be viewed here, fill out the form on this page to find out how you may be able to help the investigation.
PharMerica Data Breach: Why Did I Get a Letter?
PharMerica, which provides pharmacy services to 3,100 medical facilities nationwide, began notifying customers on May 12 that it had fallen victim to a cyberattack between March 12 and 13 of this year. A notice provided to the Maine Attorney General’s Office reveals that the breach has impacted 5,815,591 individuals.
According to the HIPAA Journal, the ransomware gang reportedly responsible for the attack, Money Message, claims to have exfiltrated databases containing 4.7 terabytes of stolen data. DataBreaches.net says that BrightSpring, which offers home- and community-based health services for seniors and high-needs patients, was also targeted in the breach.
In late March, the group began publishing patients’ private information on its extortion site, where the files remained available for download as of May 15, cybersecurity news site BleepingComputer.com reports.
How Could a Lawsuit Help Data Breach Victims?
If successful, a lawsuit could compensate data breach victims for the damages related to the breach, including:
Money spent obtaining credit reports, medical records and additional credit monitoring and identity theft protection services
Time spent dealing with the effects of the breach
Loss of privacy
Damage to credit
In addition, a lawsuit could also force the companies to implement stronger data security to adequately protect patients’ information from future attacks.
What You Can Do
If you received a letter from PharMerica stating that your information may have been exposed during the March 2023 data breach, fill out the form on this page to get in touch.
An attorney or legal representative may reach out to you directly to help answer your questions and tell you more about how you can help the investigation. It doesn’t cost anything to get in touch, and you’re not obligated to take any legal action if you decide you don’t want to.