“As a result, PruittHealth is not able to confirm whether your information was exposed,” the company stated in its disclosure. PruittHealth serves approximately 24,000 patients daily across the Southeast.
Inadequate Cybersecurity Measures
The stolen files included sensitive information such as names, dates of birth, Social Security numbers, bank account details, insurance information, and healthcare records. Clayton argues that PruittHealth’s failure to meet minimum industry standards for cybersecurity, especially those required for handling sensitive medical information, led to the breach. Alleged shortcomings include the use of outdated computers, inadequate employee training on security protocols, and a lack of procedures to handle ransomware attacks.
PruittHealth Data Breach Class Action : Impact on Victims
Although Clayton has not reported any direct fraud incidents, she and other victims have been compelled to spend significant time monitoring their financial records and updating security measures. “Now she checks her bank accounts and credit cards throughout the day each day, spending approximately an hour per week just monitoring accounts because of defendant’s data breach,” Clayton noted. She highlighted the substantial risk of out-of-pocket fraud losses, such as fraudulent loans, medical services billed in victims’ names, tax return fraud, and credit card fraud.
Legal Claims and Relief Sought
Clayton’s lawsuit asserts claims for negligence, breach of contract and fiduciary duty, and unjust enrichment. She is seeking an injunction requiring PruittHealth to enhance its cybersecurity protocols and provide lifetime credit monitoring for affected individuals. Additionally, Clayton is pursuing monetary damages and attorney fees.
