A class action lawsuit has been filed against Superior Air-Ground Ambulance Service, Inc. for allegedly failing to protect sensitive patient information. The lawsuit, initiated by Kirkston Spann II, was filed on June 6, 2024, in the United States District Court for the Northern District of Illinois. The complaint alleges that a data breach occurred between May 15 and May 23, 2023, during which cybercriminals accessed and exfiltrated personally identifiable information (PII) and protected health information (PHI) of approximately 858,000 individuals.
The lawsuit claims that Superior Air-Ground Ambulance Service was negligent in securing patient data, which included names, Social Security numbers, medical records, and financial details. The complaint highlights the company’s failure to implement adequate cybersecurity measures, despite being aware of the risks associated with handling highly sensitive information. It also notes that the company delayed notifying affected individuals after discovering the breach, exacerbating the potential harm to patients.
Plaintiff Kirkston Spann II contends that the breach has caused significant harm to class members, including invasion of privacy, identity theft, and increased spam communications. The lawsuit also accuses Superior Air-Ground Ambulance Service of violating several laws, including the Health Insurance Portability and Accountability Act (HIPAA), which requires strict protection of PHI. The complaint points to the company’s failure to follow basic security protocols, such as encryption and timely software updates, as contributing factors to the breach.
The plaintiffs are seeking various forms of relief, including statutory and nominal damages for those affected by the breach. They are also requesting injunctive relief to ensure that Superior Air-Ground Ambulance Service implements proper security measures to prevent future data breaches. The case is being overseen by judges from the United States District Court for the Northern District of Illinois.
Reference:
