Transformative Healthcare Hit with Class Action Over 2023 Data Breach Affecting 911K Fallon Ambulance Service Patients
Durgin v. Transformative Healthcare, LLC et al.
Filed: January 18, 2024 ◆§ 1:24-cv-10137
Transformative Healthcare faces a class action after a data breach reportedly exposed the personal data of patients who received services from Fallon Ambulance Service.
Massachusetts
Transformative Healthcare faces a proposed class action after a 2023 data breach reportedly exposed the personal information of more than 911,000 individuals who received emergency medical transport services from its now-defunct subsidiary, Fallon Ambulance Service.
Want to stay in the loop on class actions that matter to you? Sign up for ClassAction.org’s free weekly newsletter here.
According to the 34-page lawsuit, Transformative Healthcare began informing affected individuals in December of last year that an unauthorized actor had gained access to Fallon’s data storage archive between February 27 and April 22, 2023. The case claims that the cyberattack compromised patients’ names, sensitive health information and Social Security numbers.
Also named as a defendant in the suit is Coastal Medical Transportation Systems (CMTS), which acquired Fallon in September 2022. Prior to the acquisition, Fallon responded to thousands of patient emergencies in the greater Boston area, the complaint relays.
The lawsuit argues that the incident stemmed from the defendants’ failure to properly secure patients’ private data from unauthorized access, which has exposed them to a lifelong risk of identity theft and fraud.
“In the months and years following the data breach, [the plaintiff] and the other class members will experience a slew of harms because of [the defendants’] ineffective data security measures,” the filing says. “Some of these harms will include fraudulent charges, medical procedures ordered in patients’ names without their permission, targeted advertising without patient consent, and emotional distress.”
Per the suit, the data breach could have been prevented or mitigated had Transformative Healthcare and CMTS fulfilled their obligations under HIPAA, common law, industry standards and their own representations to protect patients’ private health data from exposure. To add insult to injury, the defendants “knew or should have known” that cybercriminals would target their network in light of recent, well-publicized attacks within the healthcare industry and “repeated public warnings” about the threat of data breaches, the complaint contends.
The plaintiff, a Boston resident who received emergency medical services from Fallon before it ceased operations, says he received a data breach notice from Transformative Healthcare around December 27, 2023, more than eight months after it claimed to have detected the incident. Per the case, Transformative Healthcare’s failure to timely notify victims prevented them from taking steps to mitigate any associated risks or harm.
The lawsuit looks to represent anyone who received a data breach notice from Transformative Healthcare in or around December 2023.
Get class action lawsuit news sent to your inbox – sign up for ClassAction.org’s free weekly newsletter here.
Hair Relaxer Lawsuits
Women who developed ovarian or uterine cancer after using hair relaxers such as Dark & Lovely and Motions may now have an opportunity to take legal action.
Read more here: Hair Relaxer Cancer Lawsuits
How Do I Join a Class Action Lawsuit?
Did you know there's usually nothing you need to do to join, sign up for, or add your name to new class action lawsuits when they're initially filed?
Read more here: How Do I Join a Class Action Lawsuit?
Stay Current
Sign Up For
Our Newsletter
New cases and investigations, settlement deadlines, and news straight to your inbox.
Before commenting, please review our comment policy.