Class Action Lawsuit Alleges City of Hope Left Patient Data Vulnerable to Cyberattack
Saurenmann v. City of Hope
Filed: April 9, 2024 ◆§ 2:24-cv-02860
City of Hope has been hit with a class action over a 2023 cyberattack that compromised the private data of approximately 827,000 patients.
California Unfair Competition Law California Confidentiality Of Medical Information Act California Consumer Privacy Act California Consumer Records Act
California
City of Hope, a California-based cancer treatment and research organization, has been hit with a proposed class action lawsuit over a 2023 cyberattack that compromised the private data of approximately 827,000 current and former patients.
Want to stay in the loop on class actions that matter to you? Sign up for ClassAction.org’s free weekly newsletter here.
According to the 102-page City of Hope data breach lawsuit, an unauthorized third party gained access to some of the defendant’s computer systems and acquired copies of certain files stored therein between September 19 and October 12, 2023. The suit relays that the personal information exposed in the incident varied by individual but may have included names, contact details, dates of birth, Social Security numbers, driver’s license or government-issued ID numbers, financial account data, health insurance details and medical information.
As the case tells it, the cyberattack was a direct result of City of Hope’s lax data security protocols. The complaint alleges that the cancer center stored patient information unencrypted and in a “reckless manner” in its network, making it particularly vulnerable to unauthorized disclosure.
The lawsuit charges that given the frequency of data breaches in the medical industry in recent years, City of Hope should have taken appropriate measures to secure its computer systems against the “known” and “foreseeable” threat of cyberattacks.
The filing claims the plaintiff—a City of Hope patient residing in California—and other data breach victims are now at a heightened risk of being targeted for cybercrimes and must carefully monitor their financial accounts to protect themselves against identity theft.
In addition, the data breach suit argues that the notice letter City of Hope sent to impacted individuals in early April 2024 was untimely and lacked important information about the incident. Without critical details such as how cybercriminals gained access to the network and what steps are being taken to protect stored data in the future, victims’ ability to mitigate the consequences of the cyberattack is significantly reduced, the case asserts.
The lawsuit looks to represent anyone in the United States whose private information was accessed and/or acquired by an unauthorized third party as a result of the data breach reported by City of Hope in April 2024.
Get class action lawsuit news sent to your inbox – sign up for ClassAction.org’s free weekly newsletter here.
Hair Relaxer Lawsuits
Women who developed ovarian or uterine cancer after using hair relaxers such as Dark & Lovely and Motions may now have an opportunity to take legal action.
Read more here: Hair Relaxer Cancer Lawsuits
How Do I Join a Class Action Lawsuit?
Did you know there's usually nothing you need to do to join, sign up for, or add your name to new class action lawsuits when they're initially filed?
Read more here: How Do I Join a Class Action Lawsuit?
Stay Current
Sign Up For
Our Newsletter
New cases and investigations, settlement deadlines, and news straight to your inbox.
Before commenting, please review our comment policy.