in Newswire Published on February 23, 2023

Circles of Care’s Negligence to Blame for 2022 Data Breach, Class Action Claims

Landini et al. v. Circles of Care, Inc.

Filed: February 16, 2023 ◆§ 6:23-cv-00273

A class action lawsuit claims that Circle of Care’s inadequate cybersecurity measures resulted in a cyberattack in September 2022 that affected about 61,170 patients.

Defendant(s)

Circles of Care, Inc.

Law(s)

Stored Communications Act Florida Deceptive and Unfair Trade Practices Act

State(s)

Florida

Categories

Technology Medical/Health Privacy Data Breach

A proposed class action lawsuit claims that Circle of Care’s inadequate cybersecurity measures resulted in a cyberattack in September 2022 that affected about 61,170 patients.

Want to stay in the loop on class actions that matter to you? Sign up for ClassAction.org’s free weekly newsletter here.

The 45-page complaint says that the network servers of the prominent Florida-based behavioral health care provider were hacked by data thieves on September 6, resulting in the exposure of patients’ personal information. Per the suit, patients’ full names, dates of birth, Social Security numbers, home addresses, phone numbers, driver’s license numbers, bank account details, medical account numbers, provider names, service dates, diagnoses and medical procedure codes were among the compromised data.

In its privacy policy, Circles of Care recognizes its legal obligation to protect the personal data stored in its network and promises to do so with utmost care, the suit says. Despite these assurances, the health care organization failed to implement basic cybersecurity procedures and “ultimately allowed nefarious third-party hackers to breach [its] data servers,” the case charges.

As the filing contends, Circles of Care “opted to maintain an insufficient and inadequate [cybersecurity] system” in spite of the frequency of ransomware attacks in recent years, particularly within the healthcare industry.

What’s more, the defendant also purportedly failed to notify victims of the data breach until weeks after the incident, which only “magnified” the damages for those affected, the complaint claims.

Per the suit, the plaintiffs, both Florida residents and former patients, received notice on December 29, 2022, that their personal information had been compromised in the data breach. As a result of the cyberattack, the plaintiffs now face an “imminent, immediate, and continuing risk of harm” from medical fraud, identity theft, and other illegal schemes for years to come, the case states.

The lawsuit looks to represent anyone in the United States who received a notice informing them that their personal information had been exposed to unauthorized third parties as a result of Circles of Care’s September 2022 data breach.

Get class action lawsuit news sent to your inbox – sign up for ClassAction.org’s free weekly newsletter here.

Case Spotlight

Hair Relaxer Lawsuits

Women who developed ovarian or uterine cancer after using hair relaxers such as Dark & Lovely and Motions may now have an opportunity to take legal action.

Read more here: Hair Relaxer Cancer Lawsuits

How Do I Join a Class Action Lawsuit?

Did you know there's usually nothing you need to do to join, sign up for, or add your name to new class action lawsuits when they're initially filed?

Read more here: How Do I Join a Class Action Lawsuit?