Today, the Kehoe Law Firm filed a class action lawsuit against Magellan Health, Inc. alleging the inadequate safeguarding of personally identifiable information (PII) and protected health information (PHI) of its current and former employees, as well as health plan participants. Magellan Health recently experienced a targeted cyberattack and data breach, resulting in the reported compromise of PII and PHI for plaintiffs and over 365,000 class members.

The compromised information, including names, contact details, employee ID numbers, W-2 or 1099 information, Social Security Numbers, taxpayer identification numbers, treatment details, health insurance account information, member IDs, and other health-related data, is now alleged to be in the hands of cyberthieves. The complaint further alleges that Magellan Health’s reckless and negligent maintenance of this sensitive information on its computer network left it vulnerable to cyberattacks. 

Michael Yarnoff of the Kehoe Law Firm emphasized the significance of personal information and the responsibility of corporations to protect it, stating, “In an era where personal data is increasingly under threat, corporations must prioritize the protection of sensitive information. The allegations against Magellan Health underscore the importance of robust cybersecurity measures to safeguard personal and health-related details.” 

Plaintiffs contend that Magellan Health failed to provide timely and adequate notice of the unauthorized access, exposing them to the risk of identity theft and fraud. The lawsuit seeks various remedies, including compensatory damages, reimbursement of out-of-pocket costs, restitution, and injunctive relief. The latter includes demands for enhancements to the defendant’s data security systems, annual audits, and funded credit monitoring services. 

The legal claims against Magellan Health include negligence, negligence per se, breach of implied contract, unjust enrichment, violation of the Arizona Consumer Fraud Act, violation of California’s Unfair Competition Law, violation of Missouri’s Merchandising Practices Act, violation of New York’s General Business Law § 349, violation of Pennsylvania’s Unfair and Deceptive Trade Practices and Consumer Protection Law, violation of Virginia’s Personal Information Breach Notification Act, and violation of Wisconsin’s Deceptive Trade Practices Act. 

For more information about Kehoe Law Firm and its involvement in this matter, please contact Michael Yarnoff at [email protected] or call (215) 792-6676.