American Addiction Centers Inc. faces a class action in the Middle District of Tennessee for allegations that it violated the Health Insurance Portability and Accountability Act (HIPAA) by failing to protect patient data from cyber criminals.
In September 2024, American Addiction Centers suffered a cyber-attack that led to the unauthorized access to sensitive personal information and protected health information of over 420,000 individuals. The information included names, Social Security numbers, addresses, telephone numbers, dates of birth, medical information, and health insurance information. The regulatory and individual notifications were provided on or about December 23, 2024; the class action was filed only a few days later.
The class members allege that they face the threat of identity theft and misuse of their data by cyber criminals. The lawsuit includes claims of negligence, unjust enrichment, and breach of implied contract, as well as monetary and injunctive relief.
[View source.]
