Debra Smilow’s proposed class-action lawsuit was filed Tuesday in Los Angeles Superior Court. The complaint alleges negligence, breach of contract and invasion of privacy. It seeks unspecified damages.
An Anthem media representative did not immediately return a call for comment. The firm has an office in Woodland Hills.
When it was announced by Anthem on Feb. 4, the company labeled the breach a sophisticated, external cyber-attack in which even the president and CEO of Anthem Blue Cross Blue Shield was a victim. Media reports have described it as possibly the largest data breach to hit a health care company. The company announced it is cooperating with the FBI to find those responsible for the breach.
Smilow’s suit alleges the breach could have been avoided because the FBI warned the company last year of an increasing threat to health care providers from hackers.
“Despite its awareness of the threat to its customers’ sensitive personal, medical and financial information, Anthem failed to take the necessary and reasonable steps to protect its data storage system from hackers,” the suit states. “Notwithstanding Anthem’s claim that the breach was first detected on Jan. 29, the breach was not disclosed until nearly a week later.”
The suit describes the infringement as “far more serious than recent retail chain data breaches where credit card information was stolen,” including the massive hacking of Target information systems.
“Unlike the credit card data breaches … the harm here cannot be ameliorated by canceling and reissuing cards,” the suit states.
Hackers were able to obtain Social Security numbers, email addresses, birthdates, employment data and income information from Anthem customers, the suit states.
“Complete identity records like those at issue here can sell for $250 to $400 on the black market, making this a breach potentially worth in excess of $20 billion to cybercriminals,” the suit alleges.
— City News Service
>> Want to read more stories like this? Get our Free Daily Newsletters Here!Follow us: