Profits Over Protection?
The suit blasts Cierant for allegedly cutting costs on security while raking in profits. By delaying updates and skipping stronger safeguards, the company prioritized its bottom line over consumer privacy, Gifford argues.
To make matters worse, the lawsuit claims Cierant failed to meet state deadlines for disclosure. Instead of notifying victims within 30–60 days, Gifford said her family wasn’t informed until August — eight months after the hack. A public notice was issued in July, long after criminals may have misused the data.
Real-World Consequences for Patients
The lawsuit highlights chilling risks: the stolen information could be used to fraudulently obtain medical services or prescriptions, file false insurance claims, or even create synthetic identities tied to minors as they grow older. Victims are now left scrambling to protect themselves with costly credit monitoring and fraud alerts.
“Cierant’s negligence in failing to implement adequate cybersecurity measures, combined with its failure to act swiftly, constitutes a clear disregard of consumer privacy,” the complaint states.
