Acadian Ambulance faces three new class action lawsuits after a June 2023 data breach exposed the personal and medical information of millions of current and former patients and staff members. The lawsuits were filed in a Louisiana federal court by two Louisiana residents and a Texas man, who allege the company’s negligence in failing to implement proper cybersecurity measures. The breach, attributed to the Daixin Team, a known cybercriminal group, involved stolen data such as names, Social Security numbers, and medical records.
The plaintiffs claim that Acadian’s failure to secure its data systems allowed the breach to occur and that the company did not notify those affected until July, weeks after the breach was discovered. Allegedly, Acadian attempted to negotiate a ransom of $173,000, which was rejected by the hackers, who demanded $7 million. This delay in communication put patients and employees at greater risk of identity theft and fraud.
The lawsuits argue that Acadian failed to encrypt or redact sensitive data and retained personal information longer than necessary, leaving it vulnerable to cyberattacks. The plaintiffs seek class action certification and demand that Acadian enhance its data security practices to prevent future incidents. They also request damages and compensation for the affected individuals.
This case is part of a broader trend of data breach lawsuits against major companies, with similar actions filed against Intuit, Ticketmaster, AT&T, and others. These legal actions highlight growing concerns about the adequacy of corporate data protection measures in the face of increasing cyber threats.
Reference:
