Multiple class action lawsuits were filed against the medical device company, LivaNova based in Houston, TX due to a cyberattack in October 2023 that compromised the protected health information (PHI) of 180,000 individuals.
The attack was discovered on November 19, 2023, and it was confirmed by the investigation that unauthorized persons got access to its system on October 26, 2023. The breached data during the incident included names, telephone numbers, addresses, Social Security numbers, birth dates, diagnoses, treatment data, prescription medications, device serial numbers, doctor names, medical record numbers, and medical insurance data. LivaNova sent notification letters in May 2024, and offered free credit monitoring services to the impacted persons.
Two lawsuits were filed by patients who had their data compromised in the incident. One lawsuit was submitted in the U.S. District Court for the Southern District of Texas, Houston Division, representing J.W., by with Angela Johnson, her guardian. The lawsuit claims LivaNova retained sensitive data in a sloppy way and in spite of its legal responsibilities and assurances to protect the data it kept, did not implement fair and proper cybersecurity procedures. The lawsuit claims the cyberattack and data breach were expected and avoidable, and happened due to insufficient cybersecurity steps.
The lawsuit additionally alleges that the defendant failed to issue quick and appropriate breach notification letters to the impacted persons. LIvaNova sent the notification letters 6 months after the discovery of the security incident and 7 months after it happened. The lawsuit claims that because of the data breach, the plaintiff and class members are facing a constant risk of identity theft, fraud, and other improper uses of their sensitive data.
The allegations presented in the lawsuit include negligence, negligence per se, unjust enrichment, breach of fiduciary duty, breach of implied contract, and a violation of the Illinois Consumer Fraud Act. The lawsuit seeks damages, an award of attorneys’ fees, injunctive relief, court expenses, and litigation fees, and equitable relief, which include a court order requiring LivaNove to enforce a number of security procedures to stop the same breaches later on. The legal representatives of the plaintiff and class are Atty Mariya Weekes of Millberg, Coleman, Bryson, Phillips, Grossman PLLC, and Atty Joe Kendall of Kendall Law Group PLLC.
The other lawsuit was submitted by plaintiff Arthur Podroykin in the U.S. District Court for the Southern District of Texas. Allegedly, LivaNova failed to perform its duties as required by contract, common law, the Health Insurance Portability and Accountability Act compliance checklist, and the Federal Trade Commission Act.
