in Newswire Published on November 3, 2022

Empress Emergency Medical Services Hit with Two More Lawsuits Over 2022 Data Breach

Last Updated on September 30, 2024

Colon v. Empress Ambulance Service, LLC

Filed: October 31, 2022 ◆§ 7:22-cv-09322

Empress Emergency Medical Services faces a lawsuit after a July 2022 data breach reportedly compromised the personal information of more than 300,000 consumers.

Defendant(s)

Empress Ambulance Service LLC Empress Emergency Medical Services

Law(s)

Health Insurance Portability and Accountability Act

State(s)

New York

Categories

Privacy Data Breach

Empress Emergency Medical Services has been hit with two more proposed class action lawsuits in the wake of a July 2022 data breach that reportedly compromised the personal information of more than 300,000 consumers.

Want to stay in the loop on class actions that matter to you? Sign up for ClassAction.org’s free weekly newsletter here.

The lawsuits, both of which were removed from state court to New York’s Southern District Court on October 31, claim the Yonkers-based emergency care and medical transportation provider failed to implement reasonable cybersecurity policies and procedures in order to safeguard patients’ information. Per the cases, current and former patients’ names, dates of service, Social Security numbers and insurance information were exposed in the incident, which was detected by Empress on July 14 of this year and publicly acknowledged by the company in September.

The lawsuits contend that the 318,558 individuals who were identified by Empress as among those whose information was compromised now face “a lifetime risk of identity theft,” made worse by the exposure of their Social Security numbers.

“Plaintiff and Class Members now face years of constant surveillance of their financial and personal records, monitoring, and loss of rights,” one case reads.

The lawsuits relay that Empress first identified a “network incident” resulting in the encryption of some of its systems on July 14 and then launched an investigation. According to the cases, Empress determined that an unauthorized actor had gained access to its systems on May 26, 2022 and copied “a small subset of files” on July 13.

Although Empress began notifying affected individuals on September 9, the information provided to consumers lacked certain key details, one case contends. For instance, the suit says, Empress failed to disclose that the breach was perpetuated by ransomware group Hive, who has reportedly published Empress patients’ information on the Dark Web and shared it with third parties, including DataBreaches.net.

The two lawsuits claim the data breach occurred as a result of Empress’s “inadequate security and breach of its duties and obligations,” and each case “seeks to remedy these failings and their consequences.”

The lawsuits propose to cover anyone whose personal information was compromised or exposed to unauthorized persons in the Empress data breach.

Are you owed unclaimed settlement money? Check out our class action rebates page full of open class action settlements.

Case Spotlight

Video Game Addiction Lawsuits

If your child suffers from video game addiction — including Fortnite addiction or Roblox addiction — you may be able to take legal action. Gamers 18 to 22 may also qualify.

Learn more:Video Game Addiction Lawsuit

Depo-Provera Lawsuits

Anyone who received Depo-Provera or Depo-Provera SubQ injections and has been diagnosed with meningioma, a type of brain tumor, may be able to take legal action.

How Do I Join a Class Action Lawsuit?

Did you know there's usually nothing you need to do to join, sign up for, or add your name to new class action lawsuits when they're initially filed?

Read more here: How Do I Join a Class Action Lawsuit?