In addition to the class action lawsuit by the millions of individuals affected, Accellion also faced numerous lawsuits from covered entitycustomers, like Centene, who claimed Accellion did not comply with its business associate agreement.
HIPAA is a federal law and does not provide a private right to sue by individuals, but states have consumer protection and privacy laws that lawyers can use. The class members alleged that Accellion violated the Washington Consumer Protection Act, the California Consumer Privacy Act, North Carolina Unfair Deceptive Trade Practices Act, and other consumer protection statutes. Although Accellion later replaced the flawed program with a newer version, it continued to allow customers to renew their licenses on the outdated one that was less secure. Since Accellion had not corrected the flaw in its program, hackers were able to exploit the vulnerability as customers continued to use it. The class action lawsuit claimed that Accellion was not only aware of the risks and vulnerabilities presented by its outdated software, but also failed to take action to keep its file transfer platform secure. Ultimately, the data breach at Accellion involved zero-day vulnerabilities in the company’s file sharing program.
KROGER DATA BREACH 2020 UPDATE
The lawsuits complained Accellion failed to have basic cybersecurity defenses in place, and failed to update and patch its software, leaving customers vulnerable to hacking. District Court for the Northern District of California.Īs a business associate for covered entities like Centene and Kroger, Accellion had a duty to comply with HIPAA, to maintain proper data security practices and to monitor for security vulnerabilities. Lawsuits followed, including a class action by individuals filed in the U.S. Patients and customers of Kroger Pharmacy, Beaumont Health, Trinity Health, Health Net and Centene Corp., among others, were affected. Millions of individuals had their protected health information (PHI) compromised in the breach. The breach occurred because of security flaws in Accellion’s legacy software. Accellion is a technology company specializing in secure file sharing and collaboration with customers in healthcare, finance, telecom, education and government around the world. has agreed to pay $8.1 million to settle a class action lawsuit that resulted from a December 2020 data breach.
0 kommentar(er)
