in Newswire Published on January 31, 2024

Henry Schein Failed to Protect Employee Data from Cyberattack, Class Action Claims

by Kelsey McCroskey

View Comments

Depperschmidt v. Henry Schein, Inc.

Filed: January 25, 2024 § 1:24-cv-00550

Read Complaint

Henry Schein faces a class action over an October 2023 cyberattack that reportedly compromised the private data of approximately 29,000 individuals.

Defendant(s)

Henry Schein, Inc.

Law(s)

Kansas Consumer Protection Act

State(s)

New York

Categories

Medical/Health Privacy Data Breach

Henry Schein, Inc. faces a proposed class action over an October 2023 cyberattack that reportedly compromised the private data of approximately 29,000 individuals.

Want to stay in the loop on class actions that matter to you? Sign up for ClassAction.org’s free weekly newsletter here.

According to a notice letter sent to victims, the company determined on October 14, 2023 that some of its manufacturing and distribution businesses had experienced a “cybersecurity incident.” Per the notice, a subsequent investigation revealed that the data breach exposed personal information belonging to current and former employees of Henry Schein or its subsidiaries.

The 62-page lawsuit relays that the sensitive data compromised in the incident may have included individuals’ names, addresses, phone numbers, email addresses, photographs, dates of birth, demographic and background information, bank account information, credit card numbers, loan details, IP addresses and certain employment details. In addition, the suit says the cyberattack may have exposed employees’ medical history, health insurance information and government-issued identification numbers, such as Social Security, passport, driver’s license or state ID numbers.

The notice letter adds that the data breach may have also impacted the foregoing information about employees’ dependents.

The case alleges that although the company had a duty to safeguard workers’ personal data, Henry Schein failed to put in place reasonable cybersecurity procedures to adequately protect the information in its care from unauthorized disclosure. In fact, the complaint claims the defendant stored the sensitive data unencrypted and “in a reckless manner” on its computer systems.

The filing takes further issue with the company’s notification of victims, arguing that the notice letters were untimely and lacked critical details about the data breach.

Victims like the plaintiff—a Kansas resident who received notice from Henry Schein on January 11 of this year—now face an increased risk of identity theft and fraud as a result of the defendant’s negligence, the case charges.

The lawsuit looks to represent anyone in the United States whose private information was impacted as a result of the data breach announced by Henry Schein in January 2024.

Get class action lawsuit news sent to your inbox – sign up for ClassAction.org’s free weekly newsletter here.

Case Spotlight

Hair Relaxer Lawsuits

Women who developed ovarian or uterine cancer after using hair relaxers such as Dark & Lovely and Motions may now have an opportunity to take legal action.

Read more here: Hair Relaxer Cancer Lawsuits

How Do I Join a Class Action Lawsuit?

Did you know there's usually nothing you need to do to join, sign up for, or add your name to new class action lawsuits when they're initially filed?

Read more here: How Do I Join a Class Action Lawsuit?

ClassAction.org Newsletter

Stay Current

Sign Up For
Our Newsletter

New cases and investigations, settlement deadlines, and news straight to your inbox.

This browser does not support PDFs. Please download the PDF to view it: Download PDF.
Open Document
Last Updated on January 31, 2024 — 9:54 AM

Kelsey McCroskey

kelsey@classaction.org

Kelsey works primarily on ClassAction.org’s newswire, reporting on cases as they happen.

About ClassAction.org

ClassAction.org is a group of online professionals (designers, developers and writers) with years of experience in the legal industry.

Learn More

Before commenting, please review our comment policy.