LivaNova Facing Multiple Class Action Lawsuits Over October 2023 Cyberattack
The Houston, TX-based medical device company, LivaNova, is facing multiple class action lawsuits over an October 2023 cyberattack that exposed the protected health information of 180,000 patients.
The attack was detected on November 19, 2023, and the investigation confirmed that unauthorized individuals first accessed its network on October 26, 2023. The data compromised in the incident included names, addresses, phone numbers, Social Security numbers, birth dates, diagnoses, treatment information, prescriptions, physician names, medical record numbers, device serial numbers, and health insurance information. Notifications were issued in May 2024, and complimentary credit monitoring services were offered to the affected individuals.
At least two lawsuits have now been filed by patients whose information was exposed in the incident. One of those lawsuits was filed in the U.S. District Court for the Southern District of Texas, Houston Division, on behalf of J.W., by and through her guardian, Angela Johnson. The lawsuit alleges LivaNova maintained sensitive information in a reckless manner and despite its legal obligations and promises to secure the data it held, failed to implement reasonable and appropriate cybersecurity measures. The lawsuit alleges the cyberattack and data breach were foreseeable and preventable, and occurred as a result of inadequate cybersecurity measures.
The lawsuit also accuses the defendant of failing to issue prompt and accurate breach notifications to the affected individuals. The notification letters were sent 6 months after the security breach was detected and 7 months after it occurred. The lawsuit alleges the plaintiff and class members face an ongoing risk of fraud, identity theft, and other misuses of their sensitive information as a result of the data breach.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
The lawsuit alleges negligence, negligence per se, breach of implied contract, breach of fiduciary duty, unjust enrichment, and a violation of the Illinois Consumer Fraud Act and seeks damages, injunctive relief, an award of attorneys’ fees, court costs, and litigation costs, and equitable relief, including an order from the court compelling LivaNove to implement a long list of security measures to prevent similar breaches in the future. The plaintiff and class are represented by Joe Kendall of Kendall Law Group PLLC and Mariya Weekes of Millberg, Coleman, Bryson, Phillips, Grossman PLLC.
Another lawsuit was filed by plaintiff Arthur Podroykin in the U.S. District Court for the Southern District of Texas that alleges LivaNova breached its duties under common law, contract, the Federal Trade Commission Act, and the Health Insurance Portability and Accountability Act.
